| |
| |||||||
Log-Analyse und Auswertung: Trojaner eingefangen? Browser und Programme spinnenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
16.02.2010, 16:13
| #1 |
 |  Trojaner eingefangen? Browser und Programme spinnen Hi Leute, ich habe selbst keine Ahnung wie, aber seit heute morgen spielt mein System an einigen Stellen verrückt. Alle Programme schließen generell mit einer Windows-Standard-Fehlermeldung und ständig öffnen meine Browser irgendwelche unseriösen Wett -und Möchtegernsoftwarewebsiten. Klingt vielleicht selten, aber ich fühle mich "beobachtet" im Sinne von Trojaner  hab Win Vista SP2, Hijack und DxDiag folgen: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:50:47, on 16.02.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Creative\Shared Files\CTAudSvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\sdra64.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\rundll32.exe C:\Users\Wolfi\tueroif.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Users\Wolfi\tuoco.exe C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe C:\PROGRA~1\T-Online\T-ONLI~2\BASIS-~1\Basis2\PROFIL~1.EXE C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Windows\system32\svchost.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Windows\system32\PnkBstrA.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\PROGRA~1\T-Online\T-ONLI~2\Notifier\Notifier.exe C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Windows Mail\WinMail.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-online.de/service/redir/ie_t-online.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.t-online.de/service/redir/ie_suche.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-online.de/service/redir/ie_t-online.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von T-Online International AG R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\sdra64.exe, O1 - Hosts: ::1 localhost O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [tueroif] C:\Users\Wolfi\tueroif.exe O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [tuoco] C:\Users\Wolfi\tuoco.exe O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Wolfi\AppData\Local\Temp\Ah0.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'Default user') O8 - Extra context menu item: &NeoTrace It! - C:\NEOTRA~1\NTXcontext.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\NEOTRA~1\NTXtoolbar.htm (HKCU) O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{81D160E9-75A8-41E0-AF92-3A0580F12F73}: NameServer = 217.0.43.1 217.0.43.193 O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 10724 bytes ------------------ System Information ------------------ Time of this report: 2/16/2010, 16:11:35 Machine name: *entfernt* Operating System: Windows Vista™ Home Premium (6.0, Build 6002) Service Pack 2 (6002.vistasp2_gdr.091208-0542) Language: German (Regional Setting: German) System Manufacturer: Gigabyte Technology Co., Ltd. System Model: EP43-DS3 BIOS: Award Modular BIOS v6.00PG Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz (2 CPUs), ~3.0GHz Memory: 2046MB RAM Page File: 1812MB used, 3241MB available Windows Dir: C:\Windows DirectX Version: DirectX 11 DX Setup Parameters: None DxDiag Version: 7.00.6002.18107 32bit Unicode ------------ DxDiag Notes ------------ Display Tab 1: No problems found. Sound Tab 1: No problems found. Sound Tab 2: No problems found. Sound Tab 3: No problems found. Input Tab: No problems found. -------------------- DirectX Debug Levels -------------------- Direct3D: 0/4 (retail) DirectDraw: 0/4 (retail) DirectInput: 0/5 (retail) DirectMusic: 0/5 (retail) DirectPlay: 0/9 (retail) DirectSound: 0/5 (retail) DirectShow: 0/6 (retail) --------------- Display Devices --------------- Card name: NVIDIA GeForce 9800 GT Manufacturer: NVIDIA Chip type: GeForce 9800 GT DAC type: Integrated RAMDAC Device Key: Enum\PCI\VEN_10DE&DEV_0614&SUBSYS_504019DA&REV_A2 Display Memory: 1266 MB Dedicated Memory: 499 MB Shared Memory: 767 MB Current Mode: 1024 x 768 (32 bit) (85Hz) Monitor: PnP-Monitor (Standard) Driver Name: nvd3dum.dll,nvwgf2um.dll,nvwgf2um.dll Driver Version: 8.17.0011.9621 (English) DDI Version: 10 BGRA Supported: Yes Driver Attributes: Final Retail Driver Date/Size: 1/12/2010 05:03:33, 9388648 bytes WHQL Logo'd: Yes WHQL Date Stamp: Device Identifier: {D7B71E3E-4554-11CF-FF5F-4B701CC2C535} Vendor ID: 0x10DE Device ID: 0x0614 SubSys ID: 0x504019DA Revision ID: 0x00A2 Revision ID: 0x00A2 Video Accel: ModeMPEG2_A ModeMPEG2_C ModeVC1_C ModeWMV9_C Deinterlace Caps: {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= DDraw Status: Enabled D3D Status: Enabled AGP Status: Enabled ------------- Sound Devices ------------- Description: Lautsprecher (SB Audigy) Default Sound Playback: Yes Default Voice Playback: Yes Hardware ID: PCI\VEN_1102&DEV_0007&SUBSYS_100A1102&REV_00 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: P17.sys Driver Version: 5.12.0001.2020 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 10/16/2009 02:11:56, 1168896 bytes Other Files: Driver Provider: CREATIVE HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX(tm) 2.0 Listen/Src: No, No I3DL2(tm) Listen/Src: No, No Sensaura(tm) ZoomFX(tm): No Description: Digitale Audioschnittstelle (SB Audigy) Default Sound Playback: No Default Voice Playback: No Hardware ID: PCI\VEN_1102&DEV_0007&SUBSYS_100A1102&REV_00 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: P17.sys Driver Version: 5.12.0001.2020 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 10/16/2009 02:11:56, 1168896 bytes Other Files: Driver Provider: CREATIVE HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX(tm) 2.0 Listen/Src: No, No I3DL2(tm) Listen/Src: No, No Sensaura(tm) ZoomFX(tm): No Description: Digitales Ausgabegerät (SPDIF) (High Definition Audio-Gerät) Default Sound Playback: No Default Voice Playback: No Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_1458A002&REV_1000 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: HdAudio.sys Driver Version: 6.00.6002.18005 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 4/10/2009 21:43:04, 236544 bytes Other Files: Driver Provider: Microsoft HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX(tm) 2.0 Listen/Src: No, No I3DL2(tm) Listen/Src: No, No Sensaura(tm) ZoomFX(tm): No --------------------- Sound Capture Devices --------------------- Description: Mikrofon (SB Audigy) Default Sound Capture: Yes Default Voice Capture: Yes Driver Name: P17.sys Driver Version: 5.12.0001.2020 (English) Driver Attributes: Final Retail Date and Size: 10/16/2009 02:11:56, 1168896 bytes Cap Flags: 0x1 Format Flags: 0xFFFFF Description: Line-In (SB Audigy) Default Sound Capture: No Default Voice Capture: No Driver Name: P17.sys Driver Version: 5.12.0001.2020 (English) Driver Attributes: Final Retail Date and Size: 10/16/2009 02:11:56, 1168896 bytes Cap Flags: 0x1 Format Flags: 0xFFFFF Description: Digitales Eingangsgerät (SPDIF) (High Definition Audio-Gerät) Default Sound Capture: No Default Voice Capture: No Driver Name: HdAudio.sys Driver Version: 6.00.6002.18005 (English) Driver Attributes: Final Retail Date and Size: 4/10/2009 21:43:04, 236544 bytes Cap Flags: 0x1 Format Flags: 0xFFFFF Description: S/PDIF-In (SB Audigy) Default Sound Capture: No Default Voice Capture: No Driver Name: P17.sys Driver Version: 5.12.0001.2020 (English) Driver Attributes: Final Retail Date and Size: 10/16/2009 02:11:56, 1168896 bytes Cap Flags: 0x1 Format Flags: 0xFFFFF ------------------- DirectInput Devices ------------------- Device Name: Maus Attached: 1 Controller ID: n/a Vendor/Product ID: n/a FF Driver: n/a Device Name: Tastatur Attached: 1 Controller ID: n/a Vendor/Product ID: n/a FF Driver: n/a Poll w/ Interrupt: No ----------- USB Devices ----------- + USB-Root-Hub | Vendor/Product ID: 0x8086, 0x3A39 | Matching Device ID: usb\root_hub | Service: usbhub | Driver: usbhub.sys, 4/10/2009 21:43:18, 196096 bytes | Driver: usbd.sys, 1/21/2008 03:23:03, 5888 bytes ---------------- Gameport Devices ---------------- ------------ PS/2 Devices ------------ + Standardtastatur (PS/2) | Matching Device ID: *pnp0303 | Service: i8042prt | Driver: i8042prt.sys, 1/21/2008 03:23:20, 54784 bytes | Driver: kbdclass.sys, 1/21/2008 03:23:23, 35384 bytes | + Terminalserver-Tastaturtreiber | Matching Device ID: root\rdp_kbd | Upper Filters: kbdclass | Service: TermDD | Driver: i8042prt.sys, 1/21/2008 03:23:20, 54784 bytes | Driver: kbdclass.sys, 1/21/2008 03:23:23, 35384 bytes | + HID-konforme Maus | Vendor/Product ID: 0x046D, 0xC040 | Matching Device ID: hid_device_system_mouse | Service: mouhid | Driver: mouhid.sys, 1/21/2008 03:23:20, 15872 bytes | Driver: mouclass.sys, 1/21/2008 03:23:20, 34360 bytes | + Terminalserver-Maustreiber | Matching Device ID: root\rdp_mou | Upper Filters: mouclass | Service: TermDD | Driver: termdd.sys, 4/10/2009 23:32:54, 53224 bytes | Driver: sermouse.sys, 1/21/2008 03:23:20, 19968 bytes | Driver: mouclass.sys, 1/21/2008 03:23:20, 34360 bytes ------------------------ Disk & DVD/CD-ROM Drives ------------------------ Drive: C: Free Space: 96.4 GB Total Space: 476.9 GB File System: NTFS Model: n/a Drive: D: Model: HL-DT-ST DVD-RAM GH22NS30 ATA Device Driver: c:\windows\system32\drivers\cdrom.sys, 6.00.6002.18005 (German), 4/10/2009 21:39:18, 67072 bytes -------------- System Devices -------------- Name: PCI Standard-PCI-zu-PCI-Brücke Device ID: PCI\VEN_8086&DEV_3A4A&SUBSYS_50011458&REV_00\3&13C0B0C5&2&E5 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.00.6002.18005 (German), 4/10/2009 23:32:56, 149480 bytes Name: PCI Standard-PCI-zu-PCI-Brücke Device ID: PCI\VEN_8086&DEV_3A40&SUBSYS_50011458&REV_00\3&13C0B0C5&2&E0 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.00.6002.18005 (German), 4/10/2009 23:32:56, 149480 bytes Name: High Definition Audio-Controller Device ID: PCI\VEN_8086&DEV_3A3E&SUBSYS_A0021458&REV_00\3&13C0B0C5&2&D8 Driver: C:\Windows\system32\DRIVERS\hdaudbus.sys, 6.00.6002.18005 (German), 4/10/2009 21:42:44, 561152 bytes Name: Standard PCI-zu-USB erweiterter Hostcontroller Device ID: PCI\VEN_8086&DEV_3A3C&SUBSYS_50061458&REV_00\3&13C0B0C5&2&D7 Driver: C:\Windows\system32\drivers\usbehci.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:54, 39936 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:58, 226304 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6002.18005 (English), 4/10/2009 21:43:18, 196096 bytes Driver: C:\Windows\system32\hccoin.dll, 6.00.6000.16386 (English), 11/2/2006 10:46:05, 8704 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 15872 bytes Name: Standard PCI-zu-USB erweiterter Hostcontroller Device ID: PCI\VEN_8086&DEV_3A3A&SUBSYS_50061458&REV_00\3&13C0B0C5&2&EF Driver: C:\Windows\system32\drivers\usbehci.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:54, 39936 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:58, 226304 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6002.18005 (English), 4/10/2009 21:43:18, 196096 bytes Driver: C:\Windows\system32\hccoin.dll, 6.00.6000.16386 (English), 11/2/2006 10:46:05, 8704 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 15872 bytes Name: Standard PCI-zu-USB universeller Hostcontroller Device ID: PCI\VEN_8086&DEV_3A39&SUBSYS_50041458&REV_00\3&13C0B0C5&2&D2 Driver: C:\Windows\system32\drivers\usbuhci.sys, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 23552 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:58, 226304 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6002.18005 (English), 4/10/2009 21:43:18, 196096 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 15872 bytes Name: Standard PCI-zu-USB universeller Hostcontroller Device ID: PCI\VEN_8086&DEV_3A38&SUBSYS_50041458&REV_00\3&13C0B0C5&2&D1 Driver: C:\Windows\system32\drivers\usbuhci.sys, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 23552 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:58, 226304 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6002.18005 (English), 4/10/2009 21:43:18, 196096 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 15872 bytes Name: Standard PCI-zu-USB universeller Hostcontroller Device ID: PCI\VEN_8086&DEV_3A37&SUBSYS_50041458&REV_00\3&13C0B0C5&2&D0 Driver: C:\Windows\system32\drivers\usbuhci.sys, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 23552 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:58, 226304 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6002.18005 (English), 4/10/2009 21:43:18, 196096 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 15872 bytes Name: Standard PCI-zu-USB universeller Hostcontroller Device ID: PCI\VEN_8086&DEV_3A36&SUBSYS_50041458&REV_00\3&13C0B0C5&2&EA Driver: C:\Windows\system32\drivers\usbuhci.sys, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 23552 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:58, 226304 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6002.18005 (English), 4/10/2009 21:43:18, 196096 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 15872 bytes Name: Standard PCI-zu-USB universeller Hostcontroller Device ID: PCI\VEN_8086&DEV_3A35&SUBSYS_50041458&REV_00\3&13C0B0C5&2&E9 Driver: C:\Windows\system32\drivers\usbuhci.sys, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 23552 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:58, 226304 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6002.18005 (English), 4/10/2009 21:43:18, 196096 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 15872 bytes Name: Standard PCI-zu-USB universeller Hostcontroller Device ID: PCI\VEN_8086&DEV_3A34&SUBSYS_50041458&REV_00\3&13C0B0C5&2&E8 Driver: C:\Windows\system32\drivers\usbuhci.sys, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 23552 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:58, 226304 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6002.18005 (English), 4/10/2009 21:43:18, 196096 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/21/2008 03:23:03, 15872 bytes Name: Intel(R) ICH10 Family SMBus Controller - 3A30 Device ID: PCI\VEN_8086&DEV_3A30&SUBSYS_50011458&REV_00\3&13C0B0C5&2&FB Driver: n/a Name: Standard-Zweikanal-PCI-IDE-Controller Device ID: PCI\VEN_8086&DEV_3A26&SUBSYS_B0021458&REV_00\3&13C0B0C5&2&FD Driver: C:\Windows\system32\DRIVERS\pciide.sys, 6.00.6002.18005 (English), 4/10/2009 23:32:50, 14312 bytes Driver: C:\Windows\system32\DRIVERS\pciidex.sys, 6.00.6002.18005 (German), 4/10/2009 23:32:54, 43496 bytes Driver: C:\Windows\system32\DRIVERS\atapi.sys, 4/10/2009 23:32:28, 19944 bytes Driver: C:\Windows\system32\DRIVERS\ataport.sys, 6.00.6002.18005 (German), 4/10/2009 23:32:44, 109032 bytes Name: Standard-Zweikanal-PCI-IDE-Controller Device ID: PCI\VEN_8086&DEV_3A20&SUBSYS_B0021458&REV_00\3&13C0B0C5&2&FA Driver: C:\Windows\system32\DRIVERS\pciide.sys, 6.00.6002.18005 (English), 4/10/2009 23:32:50, 14312 bytes Driver: C:\Windows\system32\DRIVERS\pciidex.sys, 6.00.6002.18005 (German), 4/10/2009 23:32:54, 43496 bytes Driver: C:\Windows\system32\DRIVERS\atapi.sys, 4/10/2009 23:32:28, 19944 bytes Driver: C:\Windows\system32\DRIVERS\ataport.sys, 6.00.6002.18005 (German), 4/10/2009 23:32:44, 109032 bytes Name: PCI Standard-ISA-Brücke Device ID: PCI\VEN_8086&DEV_3A18&SUBSYS_50011458&REV_00\3&13C0B0C5&2&F8 Driver: C:\Windows\system32\DRIVERS\msisadrv.sys, 6.00.6001.18000 (English), 1/21/2008 03:23:01, 16440 bytes Name: PCI Standard-PCI-zu-PCI-Brücke Device ID: PCI\VEN_8086&DEV_2E21&SUBSYS_50001458&REV_02\3&13C0B0C5&2&08 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.00.6002.18005 (German), 4/10/2009 23:32:56, 149480 bytes Name: PCI Standard-Host-CPU-Brücke Device ID: PCI\VEN_8086&DEV_2E20&SUBSYS_50001458&REV_02\3&13C0B0C5&2&00 Driver: n/a Name: Intel(R) 82801 PCI-Brücke - 244E Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_50001458&REV_90\3&13C0B0C5&2&F0 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.00.6002.18005 (German), 4/10/2009 23:32:56, 149480 bytes Name: Standard-Zweikanal-PCI-IDE-Controller Device ID: PCI\VEN_1283&DEV_8213&SUBSYS_B0001458&REV_00\4&913E092&0&28F0 Driver: C:\Windows\system32\DRIVERS\pciide.sys, 6.00.6002.18005 (English), 4/10/2009 23:32:50, 14312 bytes Driver: C:\Windows\system32\DRIVERS\pciidex.sys, 6.00.6002.18005 (German), 4/10/2009 23:32:54, 43496 bytes Driver: C:\Windows\system32\DRIVERS\atapi.sys, 4/10/2009 23:32:28, 19944 bytes Driver: C:\Windows\system32\DRIVERS\ataport.sys, 6.00.6002.18005 (German), 4/10/2009 23:32:44, 109032 bytes Name: SB Audigy Device ID: PCI\VEN_1102&DEV_0007&SUBSYS_100A1102&REV_00\4&913E092&0&18F0 Driver: C:\Windows\system32\drivers\P17.sys, 5.12.0001.2020 (English), 10/16/2009 02:11:56, 1168896 bytes Driver: C:\Windows\system32\P17res.dll, 5.12.0001.2001 (English), 2/26/2009 01:36:34, 140800 bytes Driver: C:\Windows\system32\P17APO32.dll, 1.00.0006.0000 (English), 4/21/2009 02:38:30, 506368 bytes Driver: C:\Windows\system32\P17pld32.dll, 1.00.0006.0000 (English), 4/21/2009 02:38:50, 47104 bytes Driver: C:\Windows\system32\OemSpiE.dll, 1.00.0012.0004 (English), 8/13/2009 07:19:42, 144384 bytes Driver: C:\Windows\system32\P17RunE.dll, 1.00.0001.0002 (English), 3/28/2008 07:57:30, 14848 bytes Driver: C:\Windows\P17EP.ini, 11/13/2008 06:07:24, 2177 bytes Driver: C:\Windows\P17EPLS.ini, 6/7/2007 05:25:42, 1578 bytes Driver: C:\Windows\P17EP51.ini, 12/4/2007 05:20:30, 1489 bytes Driver: C:\Windows\ResDefE.exe, 2.00.0005.0000 (English), 8/26/2008 08:30:32, 8704 bytes Driver: C:\Windows\system32\AddCat.exe, 1.00.0000.0001 (English), 12/4/2006 13:56:48, 42496 bytes Driver: C:\Windows\system32\P17APO32.p17, 4/21/2009 02:38:06, 8035 bytes Driver: C:\Windows\system32\APOIM32.exe, 2.53.0000.0000 (English), 8/25/2009 02:31:18, 613503 bytes Driver: C:\Windows\system32\AppSetup.exe, 1.00.0024.0003 (English), 4/21/2009 10:37:06, 32177128 bytes Driver: C:\Windows\system32\ctzapxx.ini, 3/8/2005 06:17:00, 54 bytes Driver: C:\Windows\system32\ludap17.ini, 10/16/2009 06:50:54, 3930 bytes Driver: C:\Windows\system32\ctcoins1.dll, 3.00.0002.0051 (English), 7/28/2009 13:09:06, 86016 bytes Driver: C:\Windows\system32\ctdvins1.dll, 0.05.0000.0051 (English), 7/28/2009 13:09:08, 181760 bytes Driver: C:\Windows\system32\drivers\drmk.sys, 6.00.6001.18000 (English), 1/21/2008 03:23:20, 130048 bytes Driver: C:\Windows\system32\drivers\portcls.sys, 6.00.6002.18005 (English), 4/10/2009 21:42:52, 167936 bytes Name: Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) #2 Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&FEF1FEB&0&00E5 Driver: C:\Windows\system32\DRIVERS\Rtlh86.sys, 6.203.0214.2008 (English), 2/14/2008 07:56:02, 118784 bytes Name: NVIDIA GeForce 9800 GT Device ID: PCI\VEN_10DE&DEV_0614&SUBSYS_504019DA&REV_A2\4&302BF57C&0&0008 Driver: C:\Windows\System32\DriverStore\FileRepository\nv_disp.inf_bb022c7b\NvCplSetupInt.exe, 14.00.0000.0162 (English), 1/12/2010 05:03:33, 40129056 bytes Driver: C:\Windows\system32\DRIVERS\nvBridge.kmd, 8.17.0011.9621 (English), 1/12/2010 05:03:33, 10920 bytes Driver: C:\Windows\system32\DRIVERS\nvlddmkm.sys, 8.17.0011.9621 (English), 1/12/2010 05:03:33, 11586280 bytes Driver: C:\Windows\system32\OpenCL.dll, 1.00.0000.0000 (English), 1/12/2010 05:03:33, 68200 bytes Driver: C:\Windows\system32\dpinst.exe, 2.01.0000.0000 (German), 9/17/2008 02:55:00, 795104 bytes Driver: C:\Windows\system32\nvapi.dll, 8.17.0011.9621 (English), 1/12/2010 05:03:33, 1280616 bytes Driver: C:\Windows\system32\nvcompiler.dll, 8.17.0011.9621 (English), 1/12/2010 05:03:33, 11639400 bytes Driver: C:\Windows\system32\nvcuda.dll, 8.17.0011.9621 (English), 1/12/2010 05:03:33, 4061800 bytes Driver: C:\Windows\system32\nvcuvenc.dll, 8.17.0011.9621 (English), 1/12/2010 05:03:33, 4077672 bytes Driver: C:\Windows\system32\nvcuvid.dll, 8.17.0011.9621 (English), 1/12/2010 05:03:33, 2243176 bytes Driver: C:\Windows\system32\nvd3dum.dll, 8.17.0011.9621 (English), 1/12/2010 05:03:33, 9388648 bytes Driver: C:\Windows\system32\nvinfo.pb, 1/12/2010 05:03:33, 7437 bytes Driver: C:\Windows\system32\nvoglv32.dll, 8.17.0011.9621 (English), 1/12/2010 05:03:33, 14924392 bytes Driver: C:\Windows\system32\nvwgf2um.dll, 8.17.0011.9621 (English), 1/12/2010 05:03:33, 4321384 bytes Driver: C:\Program Files\NVIDIA Corporation\Uninstall\nvdisp.nvu, 1/12/2010 05:03:33, 19077 bytes Driver: C:\Program Files\NVIDIA Corporation\Uninstall\nvudisp.exe, 1.10.0052.0030 (English), 1/12/2010 05:03:33, 592488 bytes Driver: C:\Windows\system32\nvcod.dll, 1.07.0008.0073 (English), 1/12/2010 05:03:33, 182888 bytes Driver: C:\Windows\system32\nvcod189.dll, 1.07.0008.0073 (English), 1/12/2010 05:03:33, 182888 bytes Name: Texas Instruments OHCI-konformer IEEE 1394-Hostcontroller Device ID: PCI\VEN_104C&DEV_8024&SUBSYS_10001458&REV_00\4&913E092&0&38F0 Driver: C:\Windows\system32\DRIVERS\ohci1394.sys, 6.00.6002.18005 (German), 4/10/2009 21:43:06, 62208 bytes Driver: C:\Windows\system32\DRIVERS\1394bus.sys, 6.00.6001.18000 (English), 1/21/2008 03:23:21, 53376 bytes ------------------ DirectShow Filters ------------------ DirectShow Filters: QuickTime Audio Decoder Filter,0x00600800,1,1,, WMAudio Decoder DMO,0x00800800,1,1,, WMAPro over S/PDIF DMO,0x00600800,1,1,, WMSpeech Decoder DMO,0x00600800,1,1,, MP3 Decoder DMO,0x00600800,1,1,, Mpeg4s Decoder DMO,0x00800001,1,1,, WMV Screen decoder DMO,0x00600800,1,1,, WMVideo Decoder DMO,0x00800001,1,1,, QuickTime Video Decoder Filter,0x00600800,1,1,, Mpeg43 Decoder DMO,0x00800001,1,1,, Mpeg4 Decoder DMO,0x00800001,1,1,, DivX Decoder Filter,0x00800000,1,1,, Viscomsoft PSPEncoder,0x00200000,2,0,viscomdata2.dll,1.00.0000.0000 ffdshow Video Decoder,0xff800001,2,1,ffdshow.ax,1.00.0003.1316 Theora Decode Filter,0x00600000,1,1,dsfTheoraDecoder.dll, Vorbis Decode Filter,0x00600000,1,1,dsfVorbisDecoder.dll, Full Screen Renderer,0x00200000,1,0,,6.06.6002.18158 CoreVorbis Audio Decoder,0x00800000,1,1,CoreVorbis.ax,1.01.0000.0079 CoreAVC Video Decoder,0x00600000,1,1,AVCDX.ax,0.00.0000.0004 Dirac Source,0x00600000,0,0,DiracSplitter.ax,1.00.0000.0000 Matroska Source,0x00600000,0,0,MatroskaDX.ax,1.00.0002.0009 ffdshow raw video filter,0x00200000,2,1,ffdshow.ax,1.00.0003.1316 RealPlayer Video Filter,0x00200000,1,1,rdsf3260.dll,6.00.0013.0068 Multiple File Output,0x00200000,2,2,WMM2FILT.dll, Viscomsoft 3GP Encoder,0x00200000,2,0,viscom3gpenc.dll,1.00.0000.0000 MPC - Mpa Splitter,0x00600001,1,1,MpaSplitter.ax,1.02.1009.0000 WMT Black Frame Generator,0x00200000,1,1,WMM2FILT.dll, ffdshow Audio Decoder,0x3fffffff,1,1,ffdshow.ax,1.00.0003.1316 WMT Import Filter,0x00200000,0,1,WMM2FILT.dll, DV Muxer,0x00400000,0,0,,6.06.6001.18000 Matroska Splitter,0x00600000,1,1,MatroskaDX.ax,1.00.0002.0009 Color Space Converter,0x00400001,1,1,,6.06.6002.18158 WMT Interlacer,0x00200000,1,1,WMM2FILT.dll, WM ASF Reader,0x00400000,0,0,,11.00.6001.7000 DivX AAC Decoder,0x00800000,1,1,daac.ax,7.01.0000.0010 Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,11.00.6001.7000 AVI Splitter,0x00600000,1,1,,6.06.6002.18158 Viscomsoft FLV Encoder,0x00200000,2,0,viscomflvenc.dll,1.00.0000.0000 VGA 16 Color Ditherer,0x00400000,1,1,,6.06.6002.18158 RadLight Ogg Splitter,0x00800101,1,1,RLOgg.ax,1.00.0000.0002 Microsoft MPEG-2 Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,11.00.6001.7110 RadLight Vorbis Decoder,0x00800001,1,1,RLVorbisDec.ax,1.00.0000.0002 RealVideo Decoder,0x00400000,1,1,RealMediaDX.ax,1.00.0001.0001 AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.6002.18005 WMT Format Conversion,0x00200000,1,1,WMM2FILT.dll, 9x8Resize,0x00200000,1,1,WMM2FILT.dll, StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.6001.18000 WMT Virtual Source,0x00200000,0,1,WMM2FILT.dll, Microsoft TV Caption Decoder,0x00200001,1,0,MSTVCapn.dll,6.00.6001.18000 MJPEG Decompressor,0x00600000,1,1,,6.06.6002.18158 Nero Digital API Video Decoder,0x00600000,2,2,NDxVidDec.ax,2.00.0002.0046 CBVA DMO wrapper filter,0x00200000,1,1,cbva.dll,6.00.6001.18322 MPEG-I Stream Splitter,0x00600000,1,2,,6.06.6002.18158 SAMI (CC) Parser,0x00400000,1,1,,6.06.6002.18158 OGM Decode Filter,0x00600000,1,1,dsfOGMDecoder.dll, VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.6001.18000 CustomFrameGrabber Filter,0x00200000,1,1,viscomframe.dll,8.01.0000.0000 MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.6002.18005 WMT AudioAnalyzer,0x00200000,1,1,WMM2FILT.dll, AAC Parser,0x00400000,1,1,aac_parser.ax,1.01.0000.0000 MP4 Source,0x00600000,0,0,MP4Splitter.ax,1.00.0000.0005 Microsoft MPEG-2 Video Encoder,0x00200000,2,0,msmpeg2enc.dll,11.00.6001.7000 Stretch Video,0x00200000,1,1,WMM2FILT.dll, Nero QuickTime(tm) Video Decoder,0x00400000,1,1,NeQTDec.ax,4.02.0004.0008 FLV Splitter,0x00600000,1,1,flvDX.dll,1.00.0000.0001 Internal Script Command Renderer,0x00800001,1,0,,6.06.6002.18158 MPEG Audio Decoder,0x03680001,1,1,,6.06.6002.18158 WavPack Audio Decoder,0x00600000,1,1,WavPackDSDecoder.ax,1.01.0000.0484 DV Splitter,0x00600000,1,2,,6.06.6001.18000 Video Mixing Renderer 9,0x00200000,1,0,,6.06.6002.18158 Subtitle VMR9 Filter,0x00800002,1,1,dsfSubtitleVMR9.dll, Dirac Splitter,0x00600000,1,1,DiracSplitter.ax,1.00.0000.0000 MPC - Mpa Source,0x00600001,0,0,MpaSplitter.ax,1.02.1009.0000 Theora Encode Filter,0x00200000,1,1,dsfTheoraEncoder.dll, Vorbis Encode Filter,0x00200000,1,1,dsfVorbisEncoder.dll, Nero ES Video Reader,0x00600000,0,1,NDParser.ax,4.02.0004.0008 Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,11.00.6001.7000 Frame Eater,0x00200000,1,1,WMM2FILT.dll, MP4 Splitter,0x00600001,1,1,MP4Splitter.ax,1.00.0000.0005 Allocator Fix,0x00200000,1,1,WMM2FILT.dll, Xvid MPEG-4 Video Decoder,0x00800000,1,1,xvid.ax, File Source (Monkey Audio),0x00400000,0,1,MonkeySource.ax, ACM Wrapper,0x00600000,1,1,,6.06.6002.18158 CoreAAC Audio Decoder,0x00800000,1,1,CoreAAC.ax,1.02.0000.0575 madFlac Decoder,0x00600000,1,1,madFlac.ax,1.08.0000.0000 Viscomsoft QuickTime Source Filter,0x00200000,0,1,viscomqtde.dll,4.00.0019.0000 Video Renderer,0x00800001,1,0,,6.06.6002.18158 Annodex Mux Filter,0x00200000,1,0,dsfAnxMux.dll, MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.6001.18000 MPC - Ogg Source,0x00600001,0,0,OggSplitter.ax,1.02.1009.0000 Capture ASF Writer,0x00200000,0,0,WMM2FILT.dll, Line 21 Decoder,0x00600000,1,1,,6.06.6002.18005 Video Port Manager,0x00600000,2,1,,6.06.6002.18158 DivX H.264 Decoder,0x00800000,1,1,DivXDecH264.ax,8.02.0000.0026 Speex Encode Filter,0x00200000,1,1,dsfSpeexEncoder.dll, Video Renderer,0x00400000,1,0,,6.06.6002.18158 Bitmap Generate,0x00200000,1,1,WMM2FILT.dll, Proxy Sink,0x00200000,1,0,WMM2FILT.dll, Speex Decode Filter,0x00600000,1,1,dsfSpeexDecoder.dll, RealMedia Source,0x00600000,0,0,RealMediaDX.ax,1.00.0001.0001 FLAC Encode Filter,0x00200000,1,1,dsfFLACEncoder.dll, Proxy Source,0x00200000,0,1,WMM2FILT.dll, WM ASF Writer,0x00400000,0,0,,11.00.6001.7000 Viscomsoft Tranform VE Filter,0x00200000,1,1,viscomtran.dll,1.00.0000.0000 FLV Video Decoder,0x00600000,1,1,flvDX.dll,1.00.0000.0001 VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.00.6001.18000 Viscomsoft iPodEncoder,0x00200000,2,0,viscomdata1.dll,1.00.0000.0000 WMT Sample Information Filter,0x00200000,1,1,WMM2FILT.dll, File writer,0x00200000,1,0,,6.06.6001.18000 VCDShow,0x00200000,2,0,viscomdata3.dll,1.00.0000.0000 DirectVobSub,0x00200000,2,1,vsfilter.dll,2.39.0005.0001 RealAudio Decoder,0x00400000,1,1,RealMediaDX.ax,1.00.0001.0001 DirectVobSub (auto-loading version),0x00800002,2,1,vsfilter.dll,2.39.0005.0001 DVD Navigator,0x00200000,0,3,,6.06.6002.18005 WMT DV Extract,0x00200000,1,1,WMM2FILT.dll, MPC - Ogg Splitter,0x00400000,1,1,OggSplitter.ax,1.02.1009.0000 Overlay Mixer2,0x00200000,1,1,,6.06.6002.18005 Subtitle Source,0x00200000,0,1,DVobSub.ax,2.00.0023.0000 RadLight Speex Decoder,0x00600000,1,1,RLSpeexDec.ax,1.00.0000.0000 DivX MKV Demux,0x00200000,0,1,DMFSource.ax,1.00.0001.0004 AC3Filter,0x40000000,1,1,ac3DX.ax,1.00.0001.0000 AVI Draw,0x00600064,9,1,,6.06.6002.18158 DC-Bass Source,0x00400000,0,1,DCBassSource.ax,1.02.0000.0000 Microsoft MPEG-2 Audio Encoder,0x00200000,2,0,msmpeg2enc.dll,11.00.6001.7000 WST Pager,0x00800000,1,1,WSTPager.ax,6.06.6001.18000 MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.6002.18005 Record Queue,0x00200000,1,1,WMM2FILT.dll, Viscomsoft FLV Decoder,0x00800000,0,2,viscomflvdec_licenseto_astonsoft.dll,1.00.0000.0000 DV Video Decoder,0x00800000,1,1,,6.06.6001.18000 RealPlayer Transcode Filter,0x00600000,0,0,rdsf3260.dll,6.00.0013.0068 CMML Raw Source Filter,0x00600000,0,0,dsfCMMLRawSource.dll, Viscom Audio Encoder,0x00200000,1,0,viscomaudioencoder.dll,9.00.0000.0000 ffdshow Audio Processor,0x00200000,1,1,ffdshow.ax,1.00.0003.1316 CMML Decode Filter,0x00800002,1,1,dsfCMMLDecoder.dll, SampleGrabber,0x00200000,1,1,qedit.dll,6.06.6002.18005 Null Renderer,0x00200000,1,0,qedit.dll,6.06.6002.18005 VP7 Decompressor,0x00800000,1,1,vp7dec.ax,7.00.0010.0000 WMT Log Filter,0x00200000,1,1,WMM2FILT.dll, madFlac Source,0x00600000,0,1,madFlac.ax,1.08.0000.0000 MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.6001.18000 Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,11.00.6001.7000 WMT Virtual Renderer,0x00200000,1,0,WMM2FILT.dll, FLV Source,0x00600000,0,0,flvDX.dll,1.00.0000.0001 StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.6001.18000 Smart Tee,0x00200000,1,2,,6.06.6001.18000 Overlay Mixer,0x00200000,0,0,,6.06.6002.18005 RealPlayer Audio Filter,0x00200000,1,1,rdsf3260.dll,6.00.0013.0068 AVI Decompressor,0x00600000,1,1,,6.06.6002.18158 WMT MuxDeMux Filter,0x00200000,0,0,WMM2FILT.dll, NetBridge,0x00200000,2,0,netbridge.dll,6.01.6001.18000 Viscomsoft QuickTime Writer,0x00200000,1,0,viscomqtenc.dll,1.00.0000.0000 AVI/WAV File Source,0x00400000,0,2,,6.06.6002.18158 MPEG4 Video Splitter,0x00600000,1,1,MP4Splitter.ax,1.00.0000.0005 WMT Volume,0x00200000,1,1,WMM2FILT.dll, Wave Parser,0x00400000,1,1,,6.06.6002.18158 MIDI Parser,0x00400000,1,1,,6.06.6002.18158 Multi-file Parser,0x00400000,1,1,,6.06.6002.18158 File stream renderer,0x00400000,1,1,,6.06.6002.18158 Nero QuickTime(tm) Audio Decoder,0x00400000,1,1,NeQTDec.ax,4.02.0004.0008 WavPack Audio Splitter,0x00600000,1,1,WavPackDSSplitter.ax,1.01.0000.0323 ffdshow subtitles filter,0x00200000,2,1,ffdshow.ax,1.00.0005.2945 WMT VIH2 Fix,0x00200000,1,1,WMM2FILT.dll, Microsoft MPEG-1/DD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,11.00.6001.7000 Nero Digital Parser,0x00600000,0,3,NDParser.ax,4.02.0004.0008 RealMedia Splitter,0x00600000,1,1,RealMediaDX.ax,1.00.0001.0001 AVI Mux,0x00200000,1,0,,6.06.6001.18000 MPEG4 Video Source,0x00600000,0,0,MP4Splitter.ax,1.00.0000.0005 Line 21 Decoder 2,0x00600002,1,1,,6.06.6002.18158 File Source (Async.),0x00400000,0,1,,6.06.6002.18158 File Source (URL),0x00400000,0,1,,6.06.6002.18158 Media Center Extender Encryption Filter,0x00200000,2,2,Mcx2Filter.dll,6.01.6002.18005 AudioRecorder WAV Dest,0x00200000,0,0,,6.00.6001.18000 AudioRecorder Wave Form,0x00200000,0,0,,6.00.6001.18000 SoundRecorder Null Renderer,0x00200000,0,0,,6.00.6001.18000 RadLight Theora Decoder,0x00600000,1,1,RLTheoraDec.ax,1.00.0000.0003 AC3File,0x00600000,0,1,ac3file.ax, Dirac Video Decoder,0x00400000,1,1,DiracSplitter.ax,1.00.0000.0000 Infinite Pin Tee Filter,0x00200000,1,1,,6.06.6001.18000 WMT Switch Filter,0x00200000,1,1,WMM2FILT.dll, Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.00.6002.18005 Uncompressed Domain Shot Detection Filter,0x00200000,1,1,WMM2FILT.dll, BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.6002.18005 MPEG Video Decoder,0x40000001,1,1,,6.06.6002.18158 WDM Streaming-Tee/Splitter-Geräte: Tee/Sink-to-Sink-Konvertierung,0x00200000,1,1,,6.00.6001.18000 Video Compressors: WMVideo8 Encoder DMO,0x00600800,1,1,, WMVideo9 Encoder DMO,0x00600800,1,1,, MSScreen 9 encoder DMO,0x00600800,1,1,, DV Video Encoder,0x00200000,0,0,,6.06.6001.18000 ffdshow video encoder,0x00100000,1,1,ffdshow.ax,1.00.0003.1316 MJPEG Compressor,0x00200000,0,0,,6.06.6002.18158 Nero Digital API Video Enc,0x00200000,1,2,NDxVidEnc.ax,2.06.0004.0080 Cinepak Codec von Radius,0x00200000,1,1,,6.06.6001.18000 DivX 6.8.5 Codec (2 Logical CPUs),0x00200000,1,1,,6.06.6001.18000 ffdshow Video Codec,0x00200000,1,1,,6.06.6001.18000 Helix I420 YUV Codec,0x00200000,1,1,,6.06.6001.18000 Intel Indeo(R) Video R3.2,0x00200000,1,1,,6.06.6001.18000 Intel Indeo® Video 4.5,0x00200000,1,1,,6.06.6001.18000 Indeo® Video 5.10,0x00200000,1,1,,6.06.6001.18000 Intel IYUV Codec,0x00200000,1,1,,6.06.6001.18000 Microsoft RLE,0x00200000,1,1,,6.06.6001.18000 Microsoft Video 1,0x00200000,1,1,,6.06.6001.18000 VP60® Simple Profile ,0x00200000,1,1,,6.06.6001.18000 VP61® Advanced Profile,0x00200000,1,1,,6.06.6001.18000 XviD MPEG-4 Codec,0x00200000,1,1,,6.06.6001.18000 Helix YV12 YUV Codec,0x00200000,1,1,,6.06.6001.18000 Audio Compressors: WM Speech Encoder DMO,0x00600800,1,1,, WMAudio Encoder DMO,0x00600800,1,1,, IAC2,0x00200000,1,1,,6.06.6002.18158 IMA ADPCM,0x00200000,1,1,,6.06.6002.18158 PCM,0x00200000,1,1,,6.06.6002.18158 Microsoft ADPCM,0x00200000,1,1,,6.06.6002.18158 ACELP.net,0x00200000,1,1,,6.06.6002.18158 GSM 6.10,0x00200000,1,1,,6.06.6002.18158 Messenger Audio Codec,0x00200000,1,1,,6.06.6002.18158 SHARP G.726,0x00200000,1,1,,6.06.6002.18158 CCITT A-Law,0x00200000,1,1,,6.06.6002.18158 CCITT u-Law,0x00200000,1,1,,6.06.6002.18158 NCT ALF2 CD,0x00200000,1,1,,6.06.6002.18158 AC-3 ACM Codec,0x00200000,1,1,,6.06.6002.18158 Lame MP3,0x00200000,1,1,,6.06.6002.18158 Audio Capture Sources: Mikrofon (SB Audigy),0x00200000,0,0,,6.06.6001.18000 Digitales Eingangsgerät (SPDIF),0x00200000,0,0,,6.06.6001.18000 Line-In (SB Audigy),0x00200000,0,0,,6.06.6001.18000 S/PDIF-In (SB Audigy),0x00200000,0,0,,6.06.6001.18000 Midi Renderers: Default MidiOut Device,0x00800000,1,0,,6.06.6002.18158 Microsoft GS Wavetable Synth,0x00200000,1,0,,6.06.6002.18158 WDM Streaming-Capturegeräte: HD Audio Digitaler Eingang,0x00200000,1,1,,6.00.6001.18000 SB Audigy,0x00200000,1,1,,6.00.6001.18000 SB Audigy,0x00200000,2,2,,6.00.6001.18000 WDM Streaming-Wiedergabegeräte: HD Audio-SPDIF-Ausgabe,0x00200000,1,1,,6.00.6001.18000 SB Audigy,0x00200000,1,1,,6.00.6001.18000 SB Audigy,0x00200000,2,2,,6.00.6001.18000 BDA Network Providers: Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6000.16386 Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6000.16386 Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6000.16386 Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6000.16386 Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.6002.18005 Multi-Instance Capable VBI Codecs: VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.6001.18000 BDA Transport Information Renderers: BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.6002.18005 MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.6001.18000 BDA CP/CA Filters: Decrypt/Tag,0x00600000,1,0,EncDec.dll,6.06.6002.18005 Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.6002.18005 XDS Codec,0x00200000,0,0,EncDec.dll,6.06.6002.18005 WDM Streaming-Kommunikations-Transforms: Tee/Sink-to-Sink-Konvertierung,0x00200000,1,1,,6.00.6001.18000 Audio Renderers: Lautsprecher (SB Audigy),0x00200000,1,0,,6.06.6002.18158 Default DirectSound Device,0x00800000,1,0,,6.06.6002.18158 Default WaveOut Device,0x00200000,1,0,,6.06.6002.18158 Digitale Audioschnittstelle (SB,0x00200000,1,0,,6.06.6002.18158 Digitales Ausgabegerät (SPDIF) ,0x00200000,1,0,,6.06.6002.18158 DirectSound: Digitale Audioschnittstelle (SB Audigy),0x00200000,1,0,,6.06.6002.18158 DirectSound: Digitales Ausgabegerät (SPDIF) (High Definition Audio-Gerät),0x00200000,1,0,,6.06.6002.18158 DirectSound: Lautsprecher (SB Audigy),0x00200000,1,0,,6.06.6002.18158 |
|
16.02.2010, 19:06
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Trojaner eingefangen? Browser und Programme spinnen Hallo und
__________________ Zitat:
Wenn eine Datei schon ausgewertet sein sollte, bitte eine weitere Auswertung starten. Danach diese Liste beachten und abarbeiten. Beim Scan mit MalwareBytes auch alle externen Speicher (ext. Platten, USB-Sticks, ... mit anklemmen!! ) Wichtig für Benutzer mit Windows Vista und Windows 7: Bitte alle Tools per Rechtsklick => Als Admin ausführen! Die Logfiles kannst Du zB alle in eine Datei zippen und auf File-Upload.net hochladen und hier verlinken, denn 1. sind manche Logfiles fürs Board nämlich zu groß und 2. kann ich mit einem Klick mir gleich alle auf einmal runterladen.
__________________ |
|
17.02.2010, 09:04
| #3 |
| | Trojaner eingefangen? Browser und Programme spinnen Ok, hab diverse Antivirus-Programme komplett durchlaufen lassen (Spybot, SUPERantispyware, Antivir) und immer wieder mit Hijackthis überprüft. Das Problem mit den Programmen hat sich soweit erledigt, jedenfalls tritt es nicht mehr auf, allerdings spinnen meine Browser noch und leiten mich zu allerlei Seiten weiter. Hier ein aktueller Hijack-Log
__________________Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:00:43, on 17.02.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe C:\PROGRA~1\T-Online\T-ONLI~2\BASIS-~1\Basis2\PROFIL~1.EXE C:\PROGRA~1\T-Online\T-ONLI~2\Notifier\Notifier.exe C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-online.de/service/redir/ie_t-online.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.t-online.de/service/redir/ie_suche.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-online.de/service/redir/ie_t-online.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von T-Online International AG R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'Default user') O8 - Extra context menu item: &NeoTrace It! - C:\NEOTRA~1\NTXcontext.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\NEOTRA~1\NTXtoolbar.htm (HKCU) O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 7846 bytes |
|
17.02.2010, 09:33
| #4 |
| | Trojaner eingefangen? Browser und Programme spinnen Btw (und deshalb ein neuer Post): Was bedeuten folgende Einträge bei Hijack? O2 - BHO: (no name) - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file) O17 - HKLM\System\CCS\Services\Tcpip\..\{81D160E9-75A8-41E0-AF92-3A0580F12F73}: NameServer = 217.0.43.1 217.0.43.193 Wenn ich diese lösche funktionieren Suchmaschinen, die ich im Browser aufrufen will, nicht mehr bzw. es kann keine Verbindung zu ihnen hergestellt werden. |
|
17.02.2010, 12:30
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner eingefangen? Browser und Programme spinnen Bitte verzettel Dich nicht in einzelnen HijackThis EInträgen, Du solltest wie in der Anleitung erwähnt alle Logfiles posten!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
17.02.2010, 15:05
| #6 |
| | Trojaner eingefangen? Browser und Programme spinnen Oh Sry, war nicht verzettelnd gemeint. Habe erst jetzt gemerkt, dass ich den Schritt mit dem "Datein sichtbar machen" überlesen hatte. Hier die VirusTotal-Ergebnisse. Anmerkung: Die Anwendung Ah0.exe ist weg, scheinbar hat sie schon ein Virusprogramm erwischt, dafür ist im selben Ordner der Datei tueroif.exe, die Datei tuoco.exe auffällig und is auch durch VirusTotal gelaufen. http://www.virustotal.com/de/analisis/991ae6a7ba42e37260932f6fb1913415706293487c0309ca8352d41b7927806e-1266414862 http://www.virustotal.com/de/analisis/8bdcf3bdd01ecc07fa017af27abc6cd5e9d32ef4dec85ce78157abcf2792a48f-1266415097 Gehe jetzt nochmal die Anleitung durch. |
|
17.02.2010, 15:10
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner eingefangen? Browser und Programme spinnen Das scheint neue Malware zu sein. Bitte lade die beiden Dateien, die Du ausgewertet hast, bei uns hoch, wir schicken die dann zu den Virenscanner-Herstellern => http://www.trojaner-board.de/54791-a...ner-board.html
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.02.2010, 15:13
| #8 |
| | Trojaner eingefangen? Browser und Programme spinnen Gesagt, getan. |
|
17.02.2010, 16:05
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner eingefangen? Browser und Programme spinnen Hab die beiden Dateien verschickt. Wie weit bist Du mit der Liste?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.02.2010, 16:21
| #10 |
| | Trojaner eingefangen? Browser und Programme spinnen Malwarebytes-Anti-Malware läuft gerade durch, sind auch schon ein paar treffer dabei, aber das Resultat kommt erst in eine paar Minuten, hoff ich. |
|
17.02.2010, 16:48
| #11 |
| | Trojaner eingefangen? Browser und Programme spinnen Der Malware-Report Malwarebytes' Anti-Malware 1.44 Datenbank Version: 3746 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18882 17.02.2010 16:47:51 mbam-log-2010-02-17 (16-47-51).txt Scan-Methode: Vollständiger Scan (C:\|) Durchsuchte Objekte: 482741 Laufzeit: 1 hour(s), 38 minute(s), 17 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 6 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\ROUA3O12PW (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
17.02.2010, 16:53
| #12 |
| | Trojaner eingefangen? Browser und Programme spinnen Die Info.txt von Random info.txt logfile of random's system information tool 1.06 2010-02-17 16:49:35 ======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->MsiExec /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6} -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2638924D-DC58-4C40-BB1C-48C2B24B7B1B}\Setup.exe" -L0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52739387-B81C-4C55-9593-EB7A1044A657}\Setup.exe" -L0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x7 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe" AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Reader 9.1.1 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A91000000001} Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe" Age of Empires III-->C:\Program Files\InstallShield Installation Information\{70F8B183-99EB-4304-BA35-080E2DFFD2A3}\setup.exe -runfromtemp -l0x0407 Airline Tycoon - Deluxe-->C:\PROGRA~1\AIRLIN~1\UNWISE.EXE C:\PROGRA~1\AIRLIN~1\INSTALL.LOG ANNO 1404-->"C:\Program Files\InstallShield Installation Information\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}\setup.exe" -runfromtemp -l0x0007 -removeonly Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0007 -removeonly Audacity 1.2.6-->"C:\Audacity\unins000.exe" Aufstieg des Hexenkönigs™-->C:\Program Files\Electronic Arts\Aufstieg des Hexenkönigs\EAUninstall.exe Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe" AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe" CAESAR IV-->C:\Program Files\InstallShield Installation Information\{B7666229-351B-47D9-AA6F-DF777CF04BBF}\setup.exe -runfromtemp -l0x0007 -removeonly Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{149464D9-B06F-4505-9968-FD1206F67AD3}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.4.1 Patch-->C:\Program Files\InstallShield Installation Information\{97EE1BAC-C04F-4935-8110-B1BBAB99D09D}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM)-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0407 Call of Duty: Modern Warfare 2 - Multiplayer-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10190 Call of Duty: Modern Warfare 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10180 CCleaner-->"C:\Program Files\CCleaner\uninst.exe" CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe" cFos 2000/XP/Vista DSL/ISDN Driver 7.53.3089-->"C:\Program Files\cFos\setup.exe" -d -type1 Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Civ3 Conquests v1.22 Full-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C2BF3B9-7E8A-49DE-B662-3656FE60BB01}\Setup.exe" Civ3MultiTool-->"C:\Program Files\C3MT\unins000.exe" Civilization III: Conquests-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F31BC49F-AB7B-4A53-A399-EB7331B585BC}\setup.exe" -l0x7 Civilization III-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}\setup.exe" CoH Cheat Mod v2.301-->"C:\Program Files\InstallShield Installation Information\{0815DBB1-B3A7-4C43-8F3A-48CBADEBB86C}\setup.exe" -runfromtemp -l0x0009 -removeonly Command & Conquer 3-->MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32} Command & Conquer™ 3: Kanes Rache-->MsiExec.exe /I{CC2422C9-F7B5-4175-B295-5EC2283AA674} Command & Conquer™ Alarmstufe Rot 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715} Company of Heroes - FAKEMSI-->MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35} Company of Heroes - FAKEMSI-->MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18} Company of Heroes - FAKEMSI-->MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1} Company of Heroes - FAKEMSI-->MsiExec.exe /I{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D} Company of Heroes - FAKEMSI-->MsiExec.exe /I{50193078-F553-4EBA-AA77-64C9FAA12F98} Company of Heroes - FAKEMSI-->MsiExec.exe /I{51D718D1-DA81-4FAD-919F-5C1CE3C33379} Company of Heroes - FAKEMSI-->MsiExec.exe /I{66F78C51-D108-4F0C-A93C-1CBE74CE338F} Company of Heroes - FAKEMSI-->MsiExec.exe /I{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3} Company of Heroes - FAKEMSI-->MsiExec.exe /I{80D03817-7943-4839-8E96-B9F924C5E67D} Company of Heroes - FAKEMSI-->MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1} Company of Heroes - FAKEMSI-->MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E} Company of Heroes - FAKEMSI-->MsiExec.exe /I{BA801B94-C28D-46EE-B806-E1E021A3D519} Company of Heroes - FAKEMSI-->MsiExec.exe /I{D4D244D1-05E0-4D24-86A2-B2433C435671} Company of Heroes - FAKEMSI-->MsiExec.exe /I{EAF636A9-F664-4703-A659-85A894DA264F} Company of Heroes-->"C:\Program Files\THQ\Company of Heroes\Uninstall_German.exe" CPU-Control-->"C:\Program Files\CPU-Control\unins000.exe" Crazy Machines II-->MsiExec.exe /X{112B0ED9-57F8-4883-8E6A-5BEAABDABBC1} Creative Audio-Systemsteuerung-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7 /remove Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x7 /remove Dawn of War - Soulstorm-->"C:\Program Files\InstallShield Installation Information\{20533183-D42D-4261-A125-956736FBEA8C}\setup.exe" -runfromtemp -l0x0007 -removeonly DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0} Die 15 beliebtesten Kartenspiele-->"C:\Program Files\Die 15 beliebtesten Kartenspiele\unins000.exe" Die Gilde 2 Venedig Patch 3.5-->MsiExec.exe /I{3A29CC30-8E1A-430C-8E5B-A52CA2F3F9DA} Die Gilde 2 Venedig-->MsiExec.exe /I{B5DD0F28-0167-4F1E-A114-06AB8DC82D81} Die Schlacht um Mittelerde™ II-->C:\Program Files\Electronic Arts\Die Schlacht um Mittelerde II\EAUninstall.exe Die Sims 2: Open For Business-->C:\Program Files\EA GAMES\Die Sims 2 Open For Business\EAUninstall.exe Die Sims 2-->C:\Program Files\EA GAMES\Die Sims 2\EAUninstall.exe DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN EA Download Manager UI-->msiexec /qb /x {9901E703-D169-7139-1EA3-11AA788D09E6} EA Download Manager UI-->MsiExec.exe /I{9901E703-D169-7139-1EA3-11AA788D09E6} EA Download Manager-->C:\Electronic Arts\EADM\EADMUninstall.exe EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37} Eigenschaften von Creative Sound Blaster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x7 /remove Emergency 4 Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}\setup.exe" -l0x7 Empire: Total War-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10500 FEAR Extraction Point-->C:\Program Files\InstallShield Installation Information\{909BBDB7-BABE-434C-9124-863A9F8D1CF8}\setup.exe -runfromtemp -l0x0007 -removeonly ffdshow [rev 1324] [2007-07-01]-->"C:\Program Files\The FilmMachine\ffdshow\unins000.exe" Finale 2009-->C:\Finale 2009\uninstallFinale.exe Freeciv 2.1.9 (GTK+ client)-->"C:\Program Files\Freeciv-2.1.9-gtk2\uninstall.exe" FUSSBALL MANAGER 10-->C:\EA SPORTS\FUSSBALL MANAGER 10\eauninstall.exe GameShadow-->MsiExec.exe /I{D98C9637-93DA-44DB-B73A-B11A1192AB26} GameWiz32-->C:\Windows\system32\GKSUI18.EXE C:\Program Files\GameWiz32\Uninstall0E06.DAT GIMP 2.6.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe" Guild 2 King's Edition-->MsiExec.exe /I{378BA9B5-DB6C-41DB-BE93-86CD198A8A9E} Guitar Pro 5.0-->"C:\Guitar Pro 5.0\unins000.exe" Half-Life 2: Deathmatch-->"C:\Program Files\Steam\steam.exe" steam://uninstall/320 Half-Life 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/220 Heroes of Might & Magic V: Hammers of Fate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66FF4C48-0083-4E60-8556-B883AB200091}\setup.exe" -l0x7 HERRSCHER DES OLYMP - ZEUS & HERRSCHER von ATLANTIS - POSEIDON-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8043219B-D2C0-4561-90AB-3F1113ED5A87}\Setup.exe" Hex-Editor MX-->"C:\Program Files\Hex-Editor MX\unins000.exe" HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} KKND Krossfire-->C:\Windows\IsUninst.exe -f"c:\program files\KKND Krossfire\Uninst.isu" K-Lite Codec Pack 4.8.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Medieval II Total War : Kingdoms : Americas-->C:\Program Files\InstallShield Installation Information\{75983B66-804C-40D1-BA13-64DAF652A6F1}\setup.exe -runfromtemp -l0x0007 -removeonly Medieval II Total War : Kingdoms : Britannia-->C:\Program Files\InstallShield Installation Information\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}\setup.exe -runfromtemp -l0x0007 -removeonly Medieval II Total War : Kingdoms : Crusades-->C:\Program Files\InstallShield Installation Information\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}\setup.exe -runfromtemp -l0x0007 -removeonly Medieval II Total War : Kingdoms : Teutonic-->C:\Program Files\InstallShield Installation Information\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}\setup.exe -runfromtemp -l0x0007 -removeonly Medieval II Total War-->C:\Program Files\InstallShield Installation Information\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\setup.exe -runfromtemp -l0x0007 -removeonly MegaTrainer XL V1.5.8.0-->"C:\MegaTrainer XL\unins000.exe" Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Corporation-->MsiExec.exe /I{7B08D306-7266-4647-A926-2F78817ED1E0} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669} Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C} Microsoft LifeCam-->MsiExec.exe /X{6BCB7EAA-598C-4836-B7EA-3642E41AA222} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE} Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2} Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE} Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual J# .NET Redistributable Package 1.1-->MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8} Mix-FX-->"C:\Program Files\Mix-FX\uninstall.exe" MozBackup 1.4.9-->C:\Program Files\MozBackup\Uninstall.exe Mozilla Firefox (3.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13} NeoTrace Express 3.25-->C:\NEOTRA~1\UNWISE.EXE C:\NEOTRA~1\INSTALL.LOG neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Nullsoft Install System-->"C:\Program Files\NSIS\uninst-nsis.exe" NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI NVIDIA PhysX-->MsiExec.exe /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18} OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F} Patrizier II Gold-->"C:\Program Files\PATRIZIER II Gold\unins000.exe" Pizza Connection 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DA47ABC4-52DF-468D-988D-B9E768A3DF52}\setup.exe" PokerStars.net-->"C:\Program Files\PokerStars.NET\PokerStarsUninstall.exe" /u:PokerStars.net Politik Simulator-->C:\Windows\GPS 2008 GERMAN Uninstaller.exe Populous: The Beginning-->C:\Windows\IsUn0407.exe -f"C:\Program Files\Bullfrog\Populous - The Beginning\Uninst.isu" -c"C:\Program Files\Bullfrog\Populous - The Beginning\uninst.dll" Power Tab Editor 1.7-->MsiExec.exe /I{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3} PowerArchiver 2010 German-->MsiExec.exe /I{A8740268-638C-4AD4-BB8A-9B1E5C493A30} QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F} Real Alternative 1.7.5-->"C:\Program Files\Real Alternative\unins000.exe" RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0007 -removeonly Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0007 -removeonly Sacred 2-->MsiExec.exe /I{1023383E-D9F6-478C-A965-23A4657B3C9A} ScummVM 0.13.1a-->"C:\Program Files\ScummVM\unins000.exe" Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F} Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Shockwave-->C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log Sid Meier's Alpha Centauri-->C:\Windows\IsUn0407.exe -f"C:\Program Files\Firaxis Games\Sid Meier's Alpha Centauri\Uninst.isu" Sid Meier's Civilization 4 - Beyond the Sword-->C:\Program Files\InstallShield Installation Information\{32E4F0D2-C135-475E-A841-1D59A0D22989}\setup.exe -runfromtemp -l0x0007 -removeonly Sid Meier's Civilization 4 - Warlords-->C:\Program Files\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\setup.exe -runfromtemp -l0x0007 -removeonly Sid Meier's Civilization 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x7 -removeonly Sid Meier's Civilization IV Colonization-->C:\Program Files\InstallShield Installation Information\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}\setup.exe -runfromtemp -l0x0007 -removeonly SimCity™ Societies Reisewelten-->MsiExec.exe /X{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593} SimCity™ Societies-->C:\Games\Electronic Arts\SimCity™ Societies\SCS Uninstaller.exe -FromAddRemove SimCity™ Societies-->MsiExec.exe /X{0B5154C0-8F00-4616-B0AB-6240AE80D9CE} Snagit 9.1.2-->MsiExec.exe /I{B440D659-FECA-4BDD-A12B-5C9F05790FF3} Source SDK Base-->"C:\Program Files\Steam\steam.exe" steam://uninstall/215 Source SDK-->"C:\Program Files\Steam\steam.exe" steam://uninstall/211 Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Star Wars Republic Commando-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}\Setup.exe" -l0x7 Starcraft-->C:\Windows\SCunin.exe C:\Windows\SCunin.dat Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Still Life-->C:\Program Files\Microids\Still Life\uninst.exe STILLLIFE2 version 1.0-->"C:\Program Files\Microids\StillLife2\unins000.exe" SUPER © Version 2009.bld.36 (June 10, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0 Super nude patch II 2.5-->C:\Windows\iun6002.exe "C:\Users\Wolfi\Documents\EA Games\Die Sims 2\Downloads\irunin.ini" SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} SweetIM Toolbar for Internet Explorer 3.3-->MsiExec.exe /X{266C7330-C0F4-49E5-8F20-A56F9F822875} System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe T-Online 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8283FCCD-AC71-4DC1-A81E-4F244FBBE11D}\setup.exe" CPAS T-Online 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}\Setup.exe" CPAS T-Online WLAN-Access Finder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}\Setup.exe" -L0x7 Tropico 3 1.00-->"C:\Program Files\Kalypso\Tropico 3\uninst.exe" TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7} Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331} Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF} Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96} Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1} Vampire - The Masquerade Bloodlines-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{C4E2A4A7-B623-40CB-8EEA-72F577E49D56} /l1031 VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} Video DVD Maker v3.20.0.50-->"C:\Program Files\Video DVD Maker\Uninstall.exe" "C:\Program Files\Video DVD Maker\install.log" -u VirtualFem-->MsiExec.exe /I{BAE4D301-FE3F-4B41-813C-81165BD1FB30} Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99} VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe" Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4} Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19} Windows Live Messenger-->MsiExec.exe /X{837B6259-6FF5-4E66-87C1-A5A15ED36FF4} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinRAR-->C:\Program Files\WinRAR\uninstall.exe WinUHA 2.0 RC1 (2005.02.27)-->"C:\Program Files\WinUHA\unins000.exe" X-Change 3-->C:\Windows\unvise32.exe C:\Program Files\X-Change 3\uninstal.log Xilisoft DVD Creator-->C:\Program Files\Xilisoft\DVD Creator3\Uninstall.exe Xvid 1.2.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe" YUME MIRU KUSURI-->C:\Program Files\InstallShield Installation Information\{03ABC33C-10B1-400E-B1FA-E817FE98D11C}\setup.exe -runfromtemp -l0x0009 -removeonly =====HijackThis Backups===== O17 - HKLM\System\CCS\Services\Tcpip\..\{81D160E9-75A8-41E0-AF92-3A0580F12F73}: NameServer = 217.0.43.1 217.0.43.193 [2010-02-16] O4 - HKCU\..\Run: [tuoco] C:\Users\Wolfi\tuoco.exe [2010-02-16] F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\sdra64.exe, [2010-02-16] O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Wolfi\AppData\Local\Temp\Ah0.exe [2010-02-16] O4 - HKCU\..\Run: [tueroif] C:\Users\Wolfi\tueroif.exe [2010-02-16] O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Wolfi\AppData\Local\Temp\Ah0.exe [2010-02-16] O4 - HKCU\..\Run: [tueroif] C:\Users\Wolfi\tueroif.exe [2010-02-16] O4 - HKCU\..\Run: [tuoco] C:\Users\Wolfi\tuoco.exe [2010-02-16] R3 - URLSearchHook: (no name) - - (no file) [2010-02-16] R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll [2010-02-16] O17 - HKLM\System\CCS\Services\Tcpip\..\{81D160E9-75A8-41E0-AF92-3A0580F12F73}: NameServer = 217.0.43.1 217.0.43.193 [2010-02-16] R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-02-16] O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-02-16] O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-02-17] O17 - HKLM\System\CCS\Services\Tcpip\..\{81D160E9-75A8-41E0-AF92-3A0580F12F73}: NameServer = 217.0.43.1 217.0.43.193 [2010-02-17] ======Hosts File====== 127.0.0.1 99.189.54 127.0.0.1 99.189.52 127.0.0.1 99.14.103 127.0.0.1 98.223.73 127.0.0.1 97.80.137 127.0.0.1 95.134.16 127.0.0.1 95.133.8. 127.0.0.1 95.133.23 127.0.0.1 95.133.23 127.0.0.1 95.133.14 ======Security center information====== AS: Windows Defender AS: SUPERAntiSpyware ======System event log====== Computer Name: Wolfi-PC Event Code: 4371 Message: Windows-Wartung hat begonnen, den Status des Pakets KB958687(Security Update) von Installiert(Installed) in Installiert(Installed) zu ändern. Record Number: 210075 Source Name: Microsoft-Windows-Servicing Time Written: 20100215161943.000000-000 Event Type: Informationen User: Wolfi-PC\Wolfi Computer Name: Wolfi-PC Event Code: 4371 Message: Windows-Wartung hat begonnen, den Status des Pakets KB958687(Security Update) von Installiert(Installed) in Installiert(Installed) zu ändern. Record Number: 210074 Source Name: Microsoft-Windows-Servicing Time Written: 20100215161943.000000-000 Event Type: Informationen User: Wolfi-PC\Wolfi Computer Name: Wolfi-PC Event Code: 4371 Message: Windows-Wartung hat begonnen, den Status des Pakets KB958687(Security Update) von Installiert(Installed) in Installiert(Installed) zu ändern. Record Number: 210073 Source Name: Microsoft-Windows-Servicing Time Written: 20100215161943.000000-000 Event Type: Informationen User: Wolfi-PC\Wolfi Computer Name: Wolfi-PC Event Code: 4371 Message: Windows-Wartung hat begonnen, den Status des Pakets KB958687(Security Update) von Installiert(Installed) in Installiert(Installed) zu ändern. Record Number: 210072 Source Name: Microsoft-Windows-Servicing Time Written: 20100215161943.000000-000 Event Type: Informationen User: Wolfi-PC\Wolfi Computer Name: Wolfi-PC Event Code: 4371 Message: Windows-Wartung hat begonnen, den Status des Pakets KB958687(Security Update) von Installiert(Installed) in Installiert(Installed) zu ändern. Record Number: 210071 Source Name: Microsoft-Windows-Servicing Time Written: 20100215161943.000000-000 Event Type: Informationen User: Wolfi-PC\Wolfi =====Application event log===== Computer Name: Wolfi-PC Event Code: 8224 Message: Der VSS-Dienst wird aufgrund eines Leerlaufzeitlimits heruntergefahren. Record Number: 11795 Source Name: VSS Time Written: 20090425104147.000000-000 Event Type: Informationen User: Computer Name: Wolfi-PC Event Code: 20225 Message: CoID={F47625B0-2362-4663-9E2F-21EBDE3BAB94}: Der Benutzer "Wolfi-PC\Wolfi" hat erfolgreich eine Verbindung mit dem Namen "T-Online 6.0" mit dem RAS-Server hergestellt. Die Verbindungsparameter lauten: TunnelIpAddress = 79.201.182.4 TunnelIpv6Address = None Dial-in User = 0002405949215200607886730001@t-online.de. Record Number: 11794 Source Name: RasClient Time Written: 20090425104130.000000-000 Event Type: Informationen User: Computer Name: Wolfi-PC Event Code: 20224 Message: CoID={F47625B0-2362-4663-9E2F-21EBDE3BAB94}: Die Verbindung mit dem RAS-Server wurde von Benutzer "Wolfi-PC\Wolfi" hergestellt. Record Number: 11793 Source Name: RasClient Time Written: 20090425104125.000000-000 Event Type: Informationen User: Computer Name: Wolfi-PC Event Code: 20223 Message: CoID={F47625B0-2362-4663-9E2F-21EBDE3BAB94}: Der Benutzer "Wolfi-PC\Wolfi" hat eine Verbindung mit dem RAS-Server hergestellt, verwendet wurde das Gerät: " Server address/Phone Number = ToDialer 6 Device = WAN-Miniport (PPPOE) Port = PPPoE2-0 MediaType = PPPoE". Record Number: 11792 Source Name: RasClient Time Written: 20090425104125.000000-000 Event Type: Informationen User: Computer Name: Wolfi-PC Event Code: 20222 Message: CoID={F47625B0-2362-4663-9E2F-21EBDE3BAB94}: Der Benutzer "Wolfi-PC\Wolfi" versucht, eine Verbindung zum RAS-Server für die Verbindung mit dem Namen "T-Online 6.0" mit dem folgenden Gerät herzustellen: Server address/Phone Number = ToDialer 6 Device = WAN-Miniport (PPPOE) Port = PPPoE2-0 MediaType = PPPoE. Record Number: 11791 Source Name: RasClient Time Written: 20090425104125.000000-000 Event Type: Informationen User: =====Security event log===== Computer Name: Wolfi-PC Event Code: 4624 Message: Ein Konto wurde erfolgreich angemeldet. Antragsteller: Sicherheits-ID: S-1-0-0 Kontoname: - Kontodomäne: - Anmelde-ID: 0x0 Anmeldetyp: 3 Neue Anmeldung: Sicherheits-ID: S-1-5-7 Kontoname: ANONYMOUS-ANMELDUNG Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x2e1cc Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Prozessinformationen: Prozess-ID: 0x0 Prozessname: - Netzwerkinformationen: Arbeitsstationsname: Quellnetzwerkadresse: - Quellport: - Detaillierte Authentifizierungsinformationen: Anmeldeprozess: NtLmSsp Authentifizierungspaket: NTLM Übertragene Dienste: - Paketname (nur NTLM): NTLM V1 Schlüssellänge: 0 Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde. Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe". Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk). Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto. Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben. Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung. - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren. - Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren. - Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an. - Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0. Record Number: 31750 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090723054401.906394-000 Event Type: Überwachung erfolgreich User: Computer Name: Wolfi-PC Event Code: 5024 Message: Der Windows-Firewalldienst wurde erfolgreich gestartet. Record Number: 31749 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090723054400.341394-000 Event Type: Überwachung erfolgreich User: Computer Name: Wolfi-PC Event Code: 5033 Message: Der Windows-Firewalltreiber wurde erfolgreich gestartet. Record Number: 31748 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090723054400.200394-000 Event Type: Überwachung erfolgreich User: Computer Name: Wolfi-PC Event Code: 4672 Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: SYSTEM Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x3e7 Berechtigungen: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 31747 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090723054359.732394-000 Event Type: Überwachung erfolgreich User: Computer Name: Wolfi-PC Event Code: 4624 Message: Ein Konto wurde erfolgreich angemeldet. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: WOLFI-PC$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Anmeldetyp: 5 Neue Anmeldung: Sicherheits-ID: S-1-5-18 Kontoname: SYSTEM Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x3e7 Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Prozessinformationen: Prozess-ID: 0x26c Prozessname: C:\Windows\System32\services.exe Netzwerkinformationen: Arbeitsstationsname: Quellnetzwerkadresse: - Quellport: - Detaillierte Authentifizierungsinformationen: Anmeldeprozess: Advapi Authentifizierungspaket: Negotiate Übertragene Dienste: - Paketname (nur NTLM): - Schlüssellänge: 0 Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde. Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe". Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk). Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto. Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben. Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung. - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren. - Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren. - Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an. - Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0. Record Number: 31746 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090723054359.732394-000 Event Type: Überwachung erfolgreich User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis2\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\DivX Shared\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=170a "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip "RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club "RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0 -----------------EOF----------------- |
|
17.02.2010, 16:54
| #13 |
| | Trojaner eingefangen? Browser und Programme spinnen Und die Log.txt Logfile of random's system information tool 1.06 (written by random/random) Run by Wolfi at 2010-02-17 16:49:21 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 95 GB (20%) free of 477 GB Total RAM: 2046 MB (28% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:49:31, on 17.02.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe C:\PROGRA~1\T-Online\T-ONLI~2\BASIS-~1\Basis2\PROFIL~1.EXE C:\PROGRA~1\T-Online\T-ONLI~2\Notifier\Notifier.exe C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\System32\notepad.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Windows\system32\NOTEPAD.EXE C:\Users\Wolfi\Downloads\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Wolfi.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-online.de/service/redir/ie_t-online.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.t-online.de/service/redir/ie_suche.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-online.de/service/redir/ie_t-online.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von T-Online International AG R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file) O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'Default user') O8 - Extra context menu item: &NeoTrace It! - C:\NEOTRA~1\NTXcontext.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\NEOTRA~1\NTXtoolbar.htm (HKCU) O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{81D160E9-75A8-41E0-AF92-3A0580F12F73}: NameServer = 217.0.43.1 217.0.43.193 O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 8153 bytes ======Scheduled tasks folder====== C:\Windows\tasks\User_Feed_Synchronization-{1FB89CD6-4C99-4F44-A899-DC6FBD9D05A6}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}] SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll [2009-04-28 68936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712] {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-04-28 211272] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-01-05 2002160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe -atboottime [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e251c3f-0cb3-11de-b108-001fd08ab3a1}] shell\AutoRun\command - A:\Setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7adb49c5-0e52-11de-a82c-001fd08ab3a1}] shell\AutoRun\command - G:\Menu.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d361c7c6-54d1-11de-bd80-001fd08ab3a1}] shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d361c7c8-54d1-11de-bd80-001fd08ab3a1}] shell\Auto\command - G:\Start.exe shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4ed1c5d-fc3c-11dd-b415-001fd08ab3a1}] shell\Auto\command - F:\Start.exe shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-02-17 16:49:21 ----D---- C:\rsit 2010-02-16 18:08:00 ----D---- C:\!KillBox 2010-02-16 17:36:00 ----D---- C:\ProgramData\WindowsSearch 2010-02-16 17:32:43 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2010-02-16 17:32:23 ----D---- C:\Users\Wolfi\AppData\Roaming\SUPERAntiSpyware.com 2010-02-16 17:32:23 ----D---- C:\Program Files\SUPERAntiSpyware 2010-02-16 17:28:01 ----D---- C:\GPs 2010-02-16 17:26:56 ----D---- C:\Guitar Pro 5.0 2010-02-16 17:19:56 ----A---- C:\Windows\wininit.ini 2010-02-16 16:19:32 ----D---- C:\Users\Wolfi\AppData\Roaming\QuickScan 2010-02-16 15:49:40 ----D---- C:\Program Files\Trend Micro 2010-02-16 15:30:56 ----D---- C:\Users\Wolfi\AppData\Roaming\AVG8 2010-02-16 15:26:09 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-02-16 15:26:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-02-16 10:43:57 ----RSH---- C:\Windows\system32\tuoco.exe 2010-02-16 10:43:53 ----RSH---- C:\Windows\system32\tueroif.exe 2010-02-16 09:35:04 ----D---- C:\Users\Wolfi\AppData\Roaming\Malwarebytes 2010-02-16 09:34:58 ----D---- C:\ProgramData\Malwarebytes 2010-02-16 09:34:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-02-16 09:31:09 ----D---- C:\Program Files\CCleaner 2010-02-16 08:22:07 ----D---- C:\Program Files\Bethesda Softworks 2010-02-16 06:56:11 ----A---- C:\Windows\system32\XAudio2_6.dll 2010-02-16 06:56:11 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2010-02-16 06:56:11 ----A---- C:\Windows\system32\xactengine3_6.dll 2010-02-16 06:56:11 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2010-02-16 06:01:58 ----D---- C:\Program Files\DAEMON Tools Lite 2010-02-16 05:54:39 ----D---- C:\Fallout 3 DVD 2010-02-16 04:51:46 ----D---- C:\Program Files\Common Files\InstallShield 2010-02-16 03:55:57 ----D---- C:\40966214c097f7e22a 2010-02-15 17:21:37 ----D---- C:\inetpub 2010-02-15 14:48:32 ----D---- C:\ProgramData\Fallout3 2010-02-15 14:39:28 ----A---- C:\Windows\system32\CmdLineExt.dll 2010-02-14 03:33:06 ----A---- C:\savedir.ini 2010-02-10 20:13:02 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-02-10 20:13:02 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-02-10 20:12:55 ----A---- C:\Windows\system32\tsbyuv.dll 2010-02-10 20:12:55 ----A---- C:\Windows\system32\quartz.dll 2010-02-10 20:12:55 ----A---- C:\Windows\system32\msyuv.dll 2010-02-10 20:12:55 ----A---- C:\Windows\system32\msvidc32.dll 2010-02-10 20:12:55 ----A---- C:\Windows\system32\msvfw32.dll 2010-02-10 20:12:55 ----A---- C:\Windows\system32\msrle32.dll 2010-02-10 20:12:55 ----A---- C:\Windows\system32\mciavi32.dll 2010-02-10 20:12:55 ----A---- C:\Windows\system32\iyuv_32.dll 2010-02-10 20:12:55 ----A---- C:\Windows\system32\avifil32.dll 2010-02-09 20:32:27 ----D---- C:\ProgramData\Creative Labs 2010-02-09 00:58:27 ----D---- C:\ProgramData\2DBoy 2010-02-09 00:57:50 ----D---- C:\WorldOfGoo 2010-02-08 20:48:54 ----A---- C:\Windows\system32\TURegOpt.exe 2010-02-08 20:48:51 ----A---- C:\Windows\system32\uxtuneup.dll 2010-02-08 20:48:51 ----A---- C:\Windows\system32\authuitu.dll 2010-02-08 20:48:26 ----D---- C:\Program Files\TuneUp Utilities 2010 2010-02-08 20:48:11 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2010-02-08 17:13:19 ----N---- C:\Windows\system32\Sens_oal.dll 2010-02-08 17:12:52 ----D---- C:\Program Files\Common Files\Creative Labs Shared 2010-02-08 17:11:11 ----A---- C:\Windows\system32\CmdRtr.DLL 2010-02-08 17:11:11 ----A---- C:\Windows\system32\APOMngr.DLL 2010-02-07 15:41:08 ----D---- C:\EA SPORTS 2010-02-07 15:32:37 ----D---- C:\ProgramData\EA Logs 2010-02-07 02:04:37 ----D---- C:\FM10 DVD 2010-02-07 01:00:51 ----D---- C:\Program Files\Windows Portable Devices 2010-02-07 00:59:38 ----A---- C:\Windows\system32\UIRibbonRes.dll 2010-02-07 00:59:38 ----A---- C:\Windows\system32\UIAnimation.dll 2010-02-07 00:59:37 ----A---- C:\Windows\system32\UIRibbon.dll 2010-02-07 00:59:09 ----A---- C:\Windows\system32\WMPhoto.dll 2010-02-07 00:59:09 ----A---- C:\Windows\system32\cdd.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\XpsRasterService.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\XpsPrint.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\WindowsCodecs.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2010-02-07 00:59:08 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\OpcServices.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\dxdiagn.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\dxdiag.exe 2010-02-07 00:59:08 ----A---- C:\Windows\system32\d3d10warp.dll 2010-02-07 00:59:08 ----A---- C:\Windows\system32\d2d1.dll 2010-02-07 00:59:07 ----A---- C:\Windows\system32\xpsservices.dll 2010-02-07 00:59:07 ----A---- C:\Windows\system32\FntCache.dll 2010-02-07 00:59:06 ----A---- C:\Windows\system32\dxgi.dll 2010-02-07 00:59:06 ----A---- C:\Windows\system32\DWrite.dll 2010-02-07 00:59:06 ----A---- C:\Windows\system32\d3d11.dll 2010-02-07 00:59:06 ----A---- C:\Windows\system32\d3d10level9.dll 2010-02-07 00:59:06 ----A---- C:\Windows\system32\d3d10core.dll 2010-02-07 00:59:06 ----A---- C:\Windows\system32\d3d10_1core.dll 2010-02-07 00:59:06 ----A---- C:\Windows\system32\d3d10_1.dll 2010-02-07 00:59:06 ----A---- C:\Windows\system32\d3d10.dll 2010-02-07 00:58:34 ----A---- C:\Windows\system32\WPDShextAutoplay.exe 2010-02-07 00:58:34 ----A---- C:\Windows\system32\wpdbusenum.dll 2010-02-07 00:58:34 ----A---- C:\Windows\system32\BthMtpContextHandler.dll 2010-02-07 00:58:31 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\WPDSp.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\WPDShServiceObj.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\wpdshext.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\WpdMtpUS.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\WpdMtp.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\WpdConns.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\wpd_ci.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2010-02-07 00:58:28 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2010-02-07 00:57:11 ----A---- C:\Windows\system32\UIAutomationCore.dll 2010-02-07 00:57:11 ----A---- C:\Windows\system32\oleaccrc.dll 2010-02-07 00:57:11 ----A---- C:\Windows\system32\oleacc.dll 2010-02-06 21:22:31 ----D---- C:\Electronic Arts 2010-02-06 20:50:59 ----D---- C:\Program Files\NSIS 2010-02-06 19:51:36 ----D---- C:\Windows\system32\eu-ES 2010-02-06 19:51:36 ----D---- C:\Windows\system32\ca-ES 2010-02-06 19:51:35 ----D---- C:\Windows\system32\vi-VN 2010-02-06 19:48:06 ----D---- C:\Windows\system32\SPReview 2010-02-06 19:40:05 ----A---- C:\Windows\system32\scavenge.dll 2010-02-06 19:40:01 ----A---- C:\Windows\system32\compcln.exe 2010-02-06 19:39:29 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2010-02-06 19:39:29 ----A---- C:\Windows\system32\secproc_ssp.dll 2010-02-06 19:39:29 ----A---- C:\Windows\system32\secproc_isv.dll 2010-02-06 19:39:29 ----A---- C:\Windows\system32\secproc.dll 2010-02-06 19:39:28 ----A---- C:\Windows\system32\SearchProtocolHost.exe 2010-02-06 19:39:28 ----A---- C:\Windows\system32\SearchIndexer.exe 2010-02-06 19:39:28 ----A---- C:\Windows\system32\SearchFilterHost.exe 2010-02-06 19:39:28 ----A---- C:\Windows\system32\sdohlp.dll 2010-02-06 19:39:28 ----A---- C:\Windows\system32\sdclt.exe 2010-02-06 19:39:28 ----A---- C:\Windows\system32\samlib.dll 2010-02-06 19:39:28 ----A---- C:\Windows\system32\rtutils.dll 2010-02-06 19:39:28 ----A---- C:\Windows\system32\rtffilt.dll 2010-02-06 19:39:28 ----A---- C:\Windows\system32\rsaenh.dll 2010-02-06 19:39:28 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2010-02-06 19:39:28 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2010-02-06 19:39:28 ----A---- C:\Windows\system32\RMActivate_isv.exe 2010-02-06 19:39:28 ----A---- C:\Windows\system32\RMActivate.exe 2010-02-06 19:39:28 ----A---- C:\Windows\system32\riched20.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\scrrun.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\scrobj.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\scksp.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\schedsvc.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\scesrv.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\scecli.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\SCardSvr.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\scansetting.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\samsrv.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\rpcss.dll 2010-02-06 19:39:27 ----A---- C:\Windows\system32\rpchttp.dll 2010-02-06 19:39:25 ----A---- C:\Windows\system32\PNPXAssoc.dll 2010-02-06 19:39:25 ----A---- C:\Windows\system32\PnPutil.exe 2010-02-06 19:39:25 ----A---- C:\Windows\system32\PnPUnattend.exe 2010-02-06 19:39:25 ----A---- C:\Windows\system32\pnpui.dll 2010-02-06 19:39:25 ----A---- C:\Windows\system32\pnpsetup.dll 2010-02-06 19:39:25 ----A---- C:\Windows\system32\pnidui.dll 2010-02-06 19:39:25 ----A---- C:\Windows\system32\perfdisk.dll 2010-02-06 19:39:25 ----A---- C:\Windows\system32\PerfCenterCPL.dll 2010-02-06 19:39:25 ----A---- C:\Windows\system32\pdh.dll 2010-02-06 19:39:25 ----A---- C:\Windows\system32\pcaui.dll 2010-02-06 19:39:25 ----A---- C:\Windows\system32\p2psvc.dll 2010-02-06 19:39:25 ----A---- C:\Windows\system32\P2PGraph.dll 2010-02-06 19:39:24 ----A---- C:\Windows\system32\powercpl.dll 2010-02-06 19:39:24 ----A---- C:\Windows\system32\PkgMgr.exe 2010-02-06 19:39:24 ----A---- C:\Windows\system32\pidgenx.dll 2010-02-06 19:39:24 ----A---- C:\Windows\system32\photowiz.dll 2010-02-06 19:39:24 ----A---- C:\Windows\system32\offfilt.dll 2010-02-06 19:39:24 ----A---- C:\Windows\system32\ntdll.dll 2010-02-06 19:39:24 ----A---- C:\Windows\system32\nslookup.exe 2010-02-06 19:39:24 ----A---- C:\Windows\system32\NlsLexicons0009.dll 2010-02-06 19:39:24 ----A---- C:\Windows\system32\NlsLexicons0007.dll 2010-02-06 19:39:24 ----A---- C:\Windows\system32\nlhtml.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\osk.exe 2010-02-06 19:39:23 ----A---- C:\Windows\system32\oobefldr.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\onex.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\olepro32.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\oleprn.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\oleaut32.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\ole32.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\odbccp32.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\odbcconf.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\odbc32.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\ocsetup.exe 2010-02-06 19:39:23 ----A---- C:\Windows\system32\ntprint.dll 2010-02-06 19:39:23 ----A---- C:\Windows\system32\ntmarta.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\RelMon.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rekeywiz.exe 2010-02-06 19:39:22 ----A---- C:\Windows\system32\regsvc.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\regapi.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\reg.exe 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rdpwsx.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rdpencom.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rastapi.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rasppp.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rasplap.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rasmontr.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rasmans.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rasgcw.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rasdlg.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rasdial.exe 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rasdiag.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\raschap.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\rasapi32.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\RacEngn.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\Query.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\qmgr.dll 2010-02-06 19:39:22 ----A---- C:\Windows\system32\qedit.dll 2010-02-06 19:39:21 ----A---- C:\Windows\system32\puiapi.dll 2010-02-06 19:39:21 ----A---- C:\Windows\system32\prnntfy.dll 2010-02-06 19:39:21 ----A---- C:\Windows\system32\printui.dll 2010-02-06 19:39:21 ----A---- C:\Windows\system32\PresentationSettings.exe 2010-02-06 19:39:21 ----A---- C:\Windows\system32\PresentationNative_v0300.dll 2010-02-06 19:39:21 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2010-02-06 19:39:21 ----A---- C:\Windows\system32\PresentationHost.exe 2010-02-06 19:39:21 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2010-02-06 19:39:21 ----A---- C:\Windows\system32\powrprof.dll 2010-02-06 19:39:20 ----A---- C:\Windows\system32\qdvd.dll 2010-02-06 19:39:20 ----A---- C:\Windows\system32\QAGENTRT.DLL 2010-02-06 19:39:20 ----A---- C:\Windows\system32\psisdecd.dll 2010-02-06 19:39:20 ----A---- C:\Windows\system32\PSHED.DLL 2010-02-06 19:39:20 ----A---- C:\Windows\system32\propsys.dll 2010-02-06 19:39:20 ----A---- C:\Windows\system32\propdefs.dll 2010-02-06 19:39:20 ----A---- C:\Windows\system32\profsvc.dll 2010-02-06 19:39:15 ----A---- C:\Windows\system32\shell32.dll 2010-02-06 19:39:15 ----A---- C:\Windows\system32\sendmail.dll 2010-02-06 19:39:14 ----A---- C:\Windows\system32\shlwapi.dll 2010-02-06 19:39:14 ----A---- C:\Windows\system32\shdocvw.dll 2010-02-06 19:39:14 ----A---- C:\Windows\system32\setupapi.dll 2010-02-06 19:39:14 ----A---- C:\Windows\system32\sethc.exe 2010-02-06 19:39:14 ----A---- C:\Windows\system32\services.exe 2010-02-06 19:39:09 ----A---- C:\Windows\system32\ExplorerFrame.dll 2010-02-06 19:39:09 ----A---- C:\Windows\system32\evr.dll 2010-02-06 19:39:09 ----A---- C:\Windows\system32\eudcedit.exe 2010-02-06 19:39:09 ----A---- C:\Windows\system32\esent.dll 2010-02-06 19:39:09 ----A---- C:\Windows\system32\EhStorAPI.dll 2010-02-06 19:39:09 ----A---- C:\Windows\system32\eapphost.dll 2010-02-06 19:39:09 ----A---- C:\Windows\system32\eappgnui.dll 2010-02-06 19:39:09 ----A---- C:\Windows\system32\eappcfg.dll 2010-02-06 19:39:09 ----A---- C:\Windows\system32\eapp3hst.dll 2010-02-06 19:39:09 ----A---- C:\Windows\system32\dwm.exe 2010-02-06 19:39:09 ----A---- C:\Windows\system32\dsprop.dll 2010-02-06 19:39:09 ----A---- C:\Windows\system32\dsound.dll 2010-02-06 19:39:09 ----A---- C:\Windows\explorer.exe 2010-02-06 19:39:08 ----A---- C:\Windows\system32\f3ahvoas.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\es.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\EncDec.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\emdmgmt.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\EhStorShell.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\EhStorPwdMgr.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\EhStorAuthn.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\drvstore.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\drvinst.exe 2010-02-06 19:39:08 ----A---- C:\Windows\system32\drmmgrtn.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\dpapimig.exe 2010-02-06 19:39:08 ----A---- C:\Windows\system32\dot3svc.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\dot3msm.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\dot3cfg.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\diskraid.exe 2010-02-06 19:39:08 ----A---- C:\Windows\system32\diskpart.exe 2010-02-06 19:39:08 ----A---- C:\Windows\system32\dimsroam.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\diagperf.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\dhcpcsvc6.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\dhcpcsvc.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\dfsr.exe 2010-02-06 19:39:08 ----A---- C:\Windows\system32\dfshim.dll 2010-02-06 19:39:08 ----A---- C:\Windows\system32\devmgr.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\iasnap.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\IasMigReader.exe 2010-02-06 19:39:07 ----A---- C:\Windows\system32\IasMigPlugin.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\iashlpr.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\iasdatastore.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\iasads.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\iasacct.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\hbaapi.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\gpupdate.exe 2010-02-06 19:39:07 ----A---- C:\Windows\system32\gpsvc.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\gpresult.exe 2010-02-06 19:39:07 ----A---- C:\Windows\system32\drmv2clt.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\dnsrslvr.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\dnsapi.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\dmusic.dll 2010-02-06 19:39:07 ----A---- C:\Windows\system32\dmsynth.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\hidserv.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\hdwwiz.exe 2010-02-06 19:39:06 ----A---- C:\Windows\system32\gpapi.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\gdi32.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\fontext.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\findstr.exe 2010-02-06 19:39:06 ----A---- C:\Windows\system32\feclient.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\fdWSD.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\fdWCN.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\fdSSDP.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\fdProxy.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\fdeploy.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\fdBthProxy.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\fdBth.dll 2010-02-06 19:39:06 ----A---- C:\Windows\system32\fc.exe 2010-02-06 19:39:06 ----A---- C:\Windows\system32\Faultrep.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\gpedit.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\FwRemoteSvr.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2010-02-06 19:39:05 ----A---- C:\Windows\system32\fundisc.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\ftp.exe 2010-02-06 19:39:05 ----A---- C:\Windows\system32\bthci.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\browseui.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\brcpl.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\autoplay.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\autofmt.exe 2010-02-06 19:39:05 ----A---- C:\Windows\system32\autoconv.exe 2010-02-06 19:39:05 ----A---- C:\Windows\system32\autochk.exe 2010-02-06 19:39:05 ----A---- C:\Windows\system32\authz.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\authui.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\audiosrv.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\AudioSes.dll 2010-02-06 19:39:05 ----A---- C:\Windows\system32\audiodg.exe 2010-02-06 19:39:04 ----A---- C:\Windows\system32\blackbox.dll 2010-02-06 19:39:04 ----A---- C:\Windows\system32\bitsigd.dll 2010-02-06 19:39:04 ----A---- C:\Windows\system32\BFE.DLL 2010-02-06 19:39:04 ----A---- C:\Windows\system32\bcrypt.dll 2010-02-06 19:39:04 ----A---- C:\Windows\system32\basecsp.dll 2010-02-06 19:39:04 ----A---- C:\Windows\system32\azroles.dll 2010-02-06 19:39:04 ----A---- C:\Windows\system32\apphelp.dll 2010-02-06 19:39:04 ----A---- C:\Windows\system32\apds.dll 2010-02-06 19:39:04 ----A---- C:\Windows\system32\adsmsext.dll 2010-02-06 19:39:04 ----A---- C:\Windows\system32\adsldpc.dll 2010-02-06 19:39:04 ----A---- C:\Windows\system32\accessibilitycpl.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\DevicePairingWizard.exe 2010-02-06 19:39:03 ----A---- C:\Windows\system32\DevicePairing.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\DeviceEject.exe 2010-02-06 19:39:03 ----A---- C:\Windows\system32\dbgeng.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\davclnt.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\dataclen.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\d3d9.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\crypt32.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\credui.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\connect.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\conime.exe 2010-02-06 19:39:03 ----A---- C:\Windows\system32\comuid.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\comsvcs.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\comdlg32.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\cmmon32.exe 2010-02-06 19:39:03 ----A---- C:\Windows\system32\cmdial32.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\advapi32.dll 2010-02-06 19:39:03 ----A---- C:\Windows\system32\adtschema.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\DevicePairingProxy.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\csrstub.exe 2010-02-06 19:39:02 ----A---- C:\Windows\system32\cscript.exe 2010-02-06 19:39:02 ----A---- C:\Windows\system32\cscdll.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\cscapi.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\cryptui.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\cryptsvc.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\cipher.exe 2010-02-06 19:39:02 ----A---- C:\Windows\system32\ci.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\CHxReadingStringIME.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\chtbrkr.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\chsbrkr.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\certmgr.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\CertEnrollUI.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\CertEnroll.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\certcli.dll 2010-02-06 19:39:02 ----A---- C:\Windows\system32\cbsra.exe 2010-02-06 19:39:02 ----A---- C:\Windows\system32\bthudtask.exe 2010-02-06 19:39:02 ----A---- C:\Windows\system32\bthserv.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msihnd.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msiexec.exe 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msi.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msftedit.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msexcl40.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msexch40.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msdtctm.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msdtcprx.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msdrm.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msctfui.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msctfp.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\MsCtfMonitor.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\msctf.dll 2010-02-06 19:39:01 ----A---- C:\Windows\system32\certutil.exe 2010-02-06 19:39:01 ----A---- C:\Windows\system32\certreq.exe 2010-02-06 19:39:01 ----A---- C:\Windows\system32\certprop.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\msimsg.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\mscories.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\mscorier.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\mscoree.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\mscms.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\mscandui.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\MPSSVC.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\mprapi.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\mpr.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\modemui.dll 2010-02-06 19:39:00 ----A---- C:\Windows\system32\MMDevAPI.dll 2010-02-06 19:38:59 ----A---- C:\Windows\system32\NetProjW.dll 2010-02-06 19:38:59 ----A---- C:\Windows\system32\netplwiz.dll 2010-02-06 19:38:59 ----A---- C:\Windows\system32\netlogon.dll 2010-02-06 19:38:59 ----A---- C:\Windows\system32\netcenter.dll 2010-02-06 19:38:59 ----A---- C:\Windows\system32\netapi32.dll 2010-02-06 19:38:59 ----A---- C:\Windows\system32\ncryptui.dll 2010-02-06 19:38:59 ----A---- C:\Windows\system32\ncrypt.dll 2010-02-06 19:38:59 ----A---- C:\Windows\system32\NcdProp.dll 2010-02-06 19:38:59 ----A---- C:\Windows\system32\NaturalLanguage6.dll 2010-02-06 19:38:59 ----A---- C:\Windows\system32\mtxclu.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\newdev.exe 2010-02-06 19:38:58 ----A---- C:\Windows\system32\newdev.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\networkmap.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\networkitemfactory.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\networkexplorer.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\netshell.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\msscntrs.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\msscb.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\msrepl40.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\msrd3x40.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\msrd2x40.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\mspbde40.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\msnetobj.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL 2010-02-06 19:38:58 ----A---- C:\Windows\system32\msltus40.dll 2010-02-06 19:38:58 ----A---- C:\Windows\system32\msinfo32.exe 2010-02-06 19:38:58 ----A---- C:\Windows\system32\msimtf.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msxbde40.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mswstr10.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mswsock.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mswdat10.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\MSVidCtl.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msvcrt.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msvcp60.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msutb.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mstsc.exe 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mstlsapi.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mstext40.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mssvp.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msstrc.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mssrch.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mssprxy.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mssphtb.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mssph.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\mssitlb.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msshsq.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msshooks.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msscp.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msjtes40.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msjter40.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msjint40.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msjetoledb40.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msjet40.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\msisip.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\InkEd.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\infocardapi.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\inetppui.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\inetpp.dll 2010-02-06 19:38:57 ----A---- C:\Windows\system32\inetcomm.dll 2010-02-06 19:38:48 ----A---- C:\Windows\system32\imm32.dll 2010-02-06 19:38:45 ----A---- C:\Windows\system32\iscsilog.dll 2010-02-06 19:38:45 ----A---- C:\Windows\system32\ipsmsnap.dll 2010-02-06 19:38:45 ----A---- C:\Windows\system32\IPSECSVC.DLL 2010-02-06 19:38:44 ----A---- C:\Windows\system32\ipsecsnp.dll 2010-02-06 19:38:44 ----A---- C:\Windows\system32\iphlpsvc.dll 2010-02-06 19:38:44 ----A---- C:\Windows\system32\IPHLPAPI.DLL 2010-02-06 19:38:44 ----A---- C:\Windows\system32\ipconfig.exe 2010-02-06 19:38:44 ----A---- C:\Windows\system32\input.dll 2010-02-06 19:38:43 ----A---- C:\Windows\system32\ifmon.dll 2010-02-06 19:38:42 ----A---- C:\Windows\system32\IMJP10K.DLL 2010-02-06 19:38:42 ----A---- C:\Windows\system32\imapi2fs.dll 2010-02-06 19:38:42 ----A---- C:\Windows\system32\imapi2.dll 2010-02-06 19:38:42 ----A---- C:\Windows\system32\imapi.dll 2010-02-06 19:38:42 ----A---- C:\Windows\system32\IKEEXT.DLL 2010-02-06 19:38:42 ----A---- C:\Windows\system32\icardres.dll 2010-02-06 19:38:42 ----A---- C:\Windows\system32\icardagt.exe 2010-02-06 19:38:42 ----A---- C:\Windows\system32\iassvcs.dll 2010-02-06 19:38:42 ----A---- C:\Windows\system32\iassdo.dll 2010-02-06 19:38:42 ----A---- C:\Windows\system32\iassam.dll 2010-02-06 19:38:42 ----A---- C:\Windows\system32\iasrecst.dll 2010-02-06 19:38:42 ----A---- C:\Windows\system32\iasrad.dll 2010-02-06 19:38:42 ----A---- C:\Windows\system32\iaspolcy.dll 2010-02-06 19:38:41 ----A---- C:\Windows\system32\mfplat.dll 2010-02-06 19:38:41 ----A---- C:\Windows\system32\mfc42u.dll 2010-02-06 19:38:41 ----A---- C:\Windows\system32\mfc42.dll 2010-02-06 19:38:39 ----A---- C:\Windows\system32\mmcndmgr.dll 2010-02-06 19:38:39 ----A---- C:\Windows\system32\mmcico.dll 2010-02-06 19:38:39 ----A---- C:\Windows\system32\mmci.dll 2010-02-06 19:38:39 ----A---- C:\Windows\system32\mmc.exe 2010-02-06 19:38:39 ----A---- C:\Windows\system32\mimefilt.dll 2010-02-06 19:38:39 ----A---- C:\Windows\system32\milcore.dll 2010-02-06 19:38:39 ----A---- C:\Windows\system32\midimap.dll 2010-02-06 19:38:38 ----A---- C:\Windows\system32\MediaMetadataHandler.dll 2010-02-06 19:38:38 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll 2010-02-06 19:38:38 ----A---- C:\Windows\system32\mcmde.dll 2010-02-06 19:38:38 ----A---- C:\Windows\system32\mblctr.exe 2010-02-06 19:38:38 ----A---- C:\Windows\system32\logman.exe 2010-02-06 19:38:38 ----A---- C:\Windows\system32\logagent.exe 2010-02-06 19:38:38 ----A---- C:\Windows\system32\l2nacp.dll 2010-02-06 19:38:38 ----A---- C:\Windows\system32\korwbrkr.dll 2010-02-06 19:38:38 ----A---- C:\Windows\system32\kernel32.dll 2010-02-06 19:38:38 ----A---- C:\Windows\system32\kdusb.dll 2010-02-06 19:38:38 ----A---- C:\Windows\system32\kdcom.dll 2010-02-06 19:38:38 ----A---- C:\Windows\system32\kd1394.dll 2010-02-06 19:38:37 ----A---- C:\Windows\system32\wercon.exe 2010-02-06 19:38:37 ----A---- C:\Windows\system32\wer.dll 2010-02-06 19:38:37 ----A---- C:\Windows\system32\WebClnt.dll 2010-02-06 19:38:37 ----A---- C:\Windows\system32\shsetup.dll 2010-02-06 19:38:37 ----A---- C:\Windows\system32\Magnify.exe 2010-02-06 19:38:36 ----A---- C:\Windows\system32\wdscore.dll 2010-02-06 19:38:33 ----A---- C:\Windows\system32\wdc.dll 2010-02-06 19:38:28 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll 2010-02-06 19:38:21 ----A---- C:\Windows\system32\wevtutil.exe 2010-02-06 19:38:16 ----A---- C:\Windows\system32\whealogr.dll 2010-02-06 19:38:16 ----A---- C:\Windows\system32\wevtsvc.dll 2010-02-06 19:38:13 ----A---- C:\Windows\system32\wevtapi.dll 2010-02-06 19:38:13 ----A---- C:\Windows\system32\wersvc.dll 2010-02-06 19:38:13 ----A---- C:\Windows\system32\WerFaultSecure.exe 2010-02-06 19:38:13 ----A---- C:\Windows\system32\WerFault.exe 2010-02-06 19:38:09 ----A---- C:\Windows\system32\win32spl.dll 2010-02-06 19:38:09 ----A---- C:\Windows\system32\wiaservc.dll 2010-02-06 19:38:09 ----A---- C:\Windows\system32\wiaaut.dll 2010-02-06 19:38:09 ----A---- C:\Windows\system32\version.dll 2010-02-06 19:38:09 ----A---- C:\Windows\system32\vds.exe 2010-02-06 19:38:09 ----A---- C:\Windows\system32\vdmdbg.dll 2010-02-06 19:38:08 ----A---- C:\Windows\system32\vdsutil.dll 2010-02-06 19:38:08 ----A---- C:\Windows\system32\vdsdyn.dll 2010-02-06 19:38:08 ----A---- C:\Windows\system32\user32.dll 2010-02-06 19:38:07 ----A---- C:\Windows\system32\uxsms.dll 2010-02-06 19:38:07 ----A---- C:\Windows\system32\Utilman.exe 2010-02-06 19:38:06 ----A---- C:\Windows\system32\userenv.dll 2010-02-06 19:38:04 ----A---- C:\Windows\system32\usp10.dll 2010-02-06 19:38:04 ----A---- C:\Windows\system32\usercpl.dll 2010-02-06 19:37:56 ----A---- C:\Windows\system32\WcnNetsh.dll 2010-02-06 19:37:56 ----A---- C:\Windows\system32\wcncsvc.dll 2010-02-06 19:37:55 ----A---- C:\Windows\system32\WSDMon.dll 2010-02-06 19:37:55 ----A---- C:\Windows\system32\wsdchngr.dll 2010-02-06 19:37:55 ----A---- C:\Windows\system32\wscisvif.dll 2010-02-06 19:37:55 ----A---- C:\Windows\system32\WscEapPr.dll 2010-02-06 19:37:55 ----A---- C:\Windows\system32\wscapi.dll 2010-02-06 19:37:55 ----A---- C:\Windows\system32\wcnwiz2.dll 2010-02-06 19:37:55 ----A---- C:\Windows\system32\wcnwiz.dll 2010-02-06 19:37:55 ----A---- C:\Windows\system32\w32time.dll 2010-02-06 19:37:55 ----A---- C:\Windows\system32\VSSVC.exe 2010-02-06 19:37:55 ----A---- C:\Windows\system32\vssapi.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\xmlfilter.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wusa.exe 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wsnmp32.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\WsmSvc.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wshext.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wshbth.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wsepno.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wscsvc.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wscript.exe 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wscntfy.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wpcsvc.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wpccpl.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wpcao.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\wow32.dll 2010-02-06 19:37:54 ----A---- C:\Windows\system32\WMVXENCD.DLL 2010-02-06 19:37:54 ----A---- C:\Windows\system32\WMVSDECD.DLL 2010-02-06 19:37:54 ----A---- C:\Windows\system32\WMVENCOD.DLL 2010-02-06 19:37:53 ----A---- C:\Windows\system32\wmpmde.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\wmpeffects.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\WMNetMgr.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\wlgpclnt.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\Wldap32.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\wlanui.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\wlanpref.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\wlangpui.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\wisptis.exe 2010-02-06 19:37:53 ----A---- C:\Windows\system32\winsrv.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\WinSCard.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\WinSAT.exe 2010-02-06 19:37:53 ----A---- C:\Windows\system32\winrnr.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\winresume.exe 2010-02-06 19:37:53 ----A---- C:\Windows\system32\winmm.dll 2010-02-06 19:37:53 ----A---- C:\Windows\system32\winlogon.exe 2010-02-06 19:37:53 ----A---- C:\Windows\system32\winload.exe 2010-02-06 19:37:52 ----A---- C:\Windows\system32\wmicmiplugin.dll 2010-02-06 19:37:52 ----A---- C:\Windows\system32\wmdrmsdk.dll 2010-02-06 19:37:52 ----A---- C:\Windows\system32\sud.dll 2010-02-06 19:37:52 ----A---- C:\Windows\system32\Storprop.dll 2010-02-06 19:37:52 ----A---- C:\Windows\system32\stobject.dll 2010-02-06 19:37:52 ----A---- C:\Windows\system32\srcore.dll 2010-02-06 19:37:52 ----A---- C:\Windows\system32\srchadmin.dll 2010-02-06 19:37:51 ----A---- C:\Windows\system32\sysmain.dll 2010-02-06 19:37:51 ----A---- C:\Windows\system32\swprv.dll 2010-02-06 19:37:51 ----A---- C:\Windows\system32\srvsvc.dll 2010-02-06 19:37:50 ----A---- C:\Windows\system32\sysclass.dll 2010-02-06 19:37:50 ----A---- C:\Windows\system32\SyncCenter.dll 2010-02-06 19:37:50 ----A---- C:\Windows\system32\smss.exe 2010-02-06 19:37:50 ----A---- C:\Windows\system32\SmiEngine.dll 2010-02-06 19:37:50 ----A---- C:\Windows\system32\SMBHelperClass.dll 2010-02-06 19:37:50 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2010-02-06 19:37:50 ----A---- C:\Windows\system32\slwmi.dll 2010-02-06 19:37:50 ----A---- C:\Windows\system32\slcc.dll 2010-02-06 19:37:50 ----A---- C:\Windows\system32\SLC.dll 2010-02-06 19:37:50 ----A---- C:\Windows\system32\shwebsvc.dll 2010-02-06 19:37:50 ----A---- C:\Windows\system32\shsvcs.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\zipfldr.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\untfs.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\TsWpfWrp.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\TSTheme.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\tscupgrd.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\sqlsrv32.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\spwizui.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\spwinsat.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\spreview.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\spp.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\spoolsv.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\spoolss.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\spinstall.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\sperror.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\spcmsg.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\softkbd.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\SnippingTool.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\SndVol.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\slwga.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\SLUINotify.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\SLUI.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\SLsvc.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\slmgr.vbs 2010-02-06 19:37:49 ----A---- C:\Windows\system32\SLLUA.exe 2010-02-06 19:37:49 ----A---- C:\Windows\system32\SLCommDlg.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\slcinst.dll 2010-02-06 19:37:49 ----A---- C:\Windows\system32\SLCExt.dll 2010-02-06 19:37:48 ----A---- C:\Windows\system32\umpnpmgr.dll 2010-02-06 19:37:48 ----A---- C:\Windows\system32\ulib.dll 2010-02-06 19:37:48 ----A---- C:\Windows\system32\uDWM.dll 2010-02-06 19:37:48 ----A---- C:\Windows\system32\systemcpl.dll 2010-02-06 19:37:47 ----A---- C:\Windows\system32\tquery.dll 2010-02-06 19:37:47 ----A---- C:\Windows\system32\tcpmon.dll 2010-02-06 19:37:47 ----A---- C:\Windows\system32\tcpipcfg.dll 2010-02-06 19:37:47 ----A---- C:\Windows\system32\taskeng.exe 2010-02-06 19:37:47 ----A---- C:\Windows\system32\taskcomp.dll 2010-02-06 19:37:47 ----A---- C:\Windows\system32\tapisrv.dll 2010-02-06 19:37:42 ----A---- C:\Windows\system32\themeui.dll 2010-02-06 19:37:42 ----A---- C:\Windows\system32\thawbrkr.dll 2010-02-06 19:37:42 ----A---- C:\Windows\system32\termsrv.dll 2010-02-06 19:37:41 ----A---- C:\Windows\system32\themecpl.dll 2010-02-06 19:35:31 ----D---- C:\Windows\system32\EventProviders 2010-02-06 19:10:49 ----D---- C:\ProgramData\Electronic Arts 2010-02-06 18:37:39 ----A---- C:\Windows\system32\D3DX9_39.dll 2010-02-06 16:48:52 ----A---- C:\Windows\system32\OpenCL.dll 2010-02-06 16:48:51 ----A---- C:\Windows\system32\nvwgf2um.dll 2010-02-06 16:48:51 ----A---- C:\Windows\system32\nvoglv32.dll 2010-02-06 16:48:51 ----A---- C:\Windows\system32\nvcuvid.dll 2010-02-06 16:48:50 ----A---- C:\Windows\system32\nvcuvenc.dll 2010-02-06 16:48:50 ----A---- C:\Windows\system32\nvcuda.dll 2010-02-06 16:48:50 ----A---- C:\Windows\system32\nvcompiler.dll 2010-02-06 16:48:50 ----A---- C:\Windows\system32\nvcod189.dll 2010-02-06 16:48:50 ----A---- C:\Windows\system32\nvcod.dll 2010-02-06 16:37:36 ----D---- C:\Program Files\SystemRequirementsLab 2010-02-06 15:32:29 ----D---- C:\Program Files\Common Files\Adobe AIR 2010-02-06 14:42:53 ----D---- C:\Program Files\Creative 2010-02-06 03:00:46 ----D---- C:\ProgramData\Creative 2010-02-06 03:00:31 ----D---- C:\Windows\system32\DATA 2010-01-31 22:13:15 ----D---- C:\Users\Wolfi\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien 2010-01-31 02:50:56 ----D---- C:\Program Files\VirtualFem 2010-01-30 13:20:02 ----D---- C:\Users\Wolfi\AppData\Roaming\vlc 2010-01-22 23:34:16 ----A---- C:\Windows\system32\mshtml.dll 2010-01-22 23:34:16 ----A---- C:\Windows\system32\ieframe.dll 2010-01-22 23:34:15 ----A---- C:\Windows\system32\wininet.dll 2010-01-22 23:34:15 ----A---- C:\Windows\system32\urlmon.dll 2010-01-22 23:34:15 ----A---- C:\Windows\system32\occache.dll 2010-01-22 23:34:15 ----A---- C:\Windows\system32\msfeeds.dll 2010-01-22 23:34:15 ----A---- C:\Windows\system32\iertutil.dll 2010-01-22 23:34:15 ----A---- C:\Windows\system32\iedkcs32.dll 2010-01-22 23:34:14 ----A---- C:\Windows\system32\msfeedssync.exe 2010-01-22 23:34:14 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-01-22 23:34:14 ----A---- C:\Windows\system32\jsproxy.dll 2010-01-22 23:34:14 ----A---- C:\Windows\system32\ieUnatt.exe 2010-01-22 23:34:14 ----A---- C:\Windows\system32\ieui.dll 2010-01-22 23:34:14 ----A---- C:\Windows\system32\iesysprep.dll 2010-01-22 23:34:14 ----A---- C:\Windows\system32\iesetup.dll 2010-01-22 23:34:14 ----A---- C:\Windows\system32\iernonce.dll 2010-01-22 23:34:14 ----A---- C:\Windows\system32\iepeers.dll 2010-01-22 23:34:14 ----A---- C:\Windows\system32\ie4uinit.exe 2010-01-20 16:37:49 ----D---- C:\Users\Wolfi\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien ======List of files/folders modified in the last 1 months====== 2010-02-17 16:49:24 ----D---- C:\Windows\Temp 2010-02-17 15:06:41 ----D---- C:\Windows 2010-02-17 14:50:33 ----D---- C:\Program Files\Mozilla Firefox 2010-02-17 13:24:10 ----D---- C:\Windows\System32 2010-02-17 13:24:10 ----D---- C:\Windows\inf 2010-02-17 13:24:10 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-02-17 13:18:02 ----D---- C:\ProgramData\NVIDIA 2010-02-17 09:46:29 ----SHD---- C:\Windows\Installer 2010-02-17 09:20:38 ----HD---- C:\ProgramData 2010-02-17 09:20:34 ----D---- C:\Program Files\SweetIM 2010-02-16 18:16:38 ----A---- C:\Windows\NeroDigital.ini 2010-02-16 17:32:23 ----RD---- C:\Program Files 2010-02-16 17:31:45 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2010-02-16 17:19:51 ----D---- C:\Windows\Tasks 2010-02-16 15:49:36 ----D---- C:\Windows\system32\drivers 2010-02-16 15:42:29 ----SD---- C:\Users\Wolfi\AppData\Roaming\Microsoft 2010-02-16 10:22:12 ----D---- C:\Windows\system32\Tasks 2010-02-16 10:11:23 ----D---- C:\Windows\winsxs 2010-02-16 09:59:29 ----D---- C:\Windows\system32\wbem 2010-02-16 09:58:37 ----D---- C:\Windows\system32\spool 2010-02-16 09:58:37 ----D---- C:\Windows\system32\CodeIntegrity 2010-02-16 09:58:37 ----D---- C:\Windows\system32\catroot2 2010-02-16 09:58:37 ----D---- C:\Windows\registration 2010-02-16 09:58:37 ----D---- C:\Program Files\Common Files 2010-02-16 09:53:58 ----SHD---- C:\System Volume Information 2010-02-16 09:34:49 ----D---- C:\Windows\Debug 2010-02-16 08:38:53 ----SHD---- C:\Boot 2010-02-16 08:38:53 ----D---- C:\Windows\system32\config 2010-02-16 06:55:59 ----RSD---- C:\Windows\assembly 2010-02-16 06:31:26 ----D---- C:\Program Files\PowerArchiver 2010-02-16 06:05:37 ----D---- C:\Users\Wolfi\AppData\Roaming\DAEMON Tools Lite 2010-02-16 06:01:30 ----D---- C:\ProgramData\DAEMON Tools Lite 2010-02-16 05:12:56 ----D---- C:\Program Files\cFos 2010-02-16 05:11:20 ----D---- C:\Windows\rescache 2010-02-16 05:11:18 ----HD---- C:\Program Files\InstallShield Installation Information 2010-02-16 05:11:18 ----D---- C:\Program Files\Windows Mail 2010-02-15 17:22:43 ----D---- C:\Windows\Microsoft.NET 2010-02-15 17:21:39 ----D---- C:\Windows\system32\migration 2010-02-15 17:21:39 ----D---- C:\Windows\system32\de-DE 2010-02-15 17:21:38 ----D---- C:\Windows\system32\inetsrv 2010-02-14 15:10:34 ----D---- C:\Users\Wolfi\AppData\Roaming\ICQ 2010-02-14 03:42:04 ----D---- C:\Program Files\C3MT 2010-02-13 05:40:41 ----D---- C:\Program Files\Steam 2010-02-10 20:22:09 ----D---- C:\Windows\system32\catroot 2010-02-10 20:18:33 ----D---- C:\Windows\Prefetch 2010-02-08 20:48:14 ----D---- C:\ProgramData\TuneUp Software 2010-02-08 20:47:46 ----D---- C:\Program Files\TuneUp Utilities 2009 2010-02-08 17:34:29 ----D---- C:\Windows\Logs 2010-02-08 17:13:19 ----A---- C:\Windows\system32\wrap_oal.dll 2010-02-08 17:13:19 ----A---- C:\Windows\system32\OpenAL32.dll 2010-02-07 01:00:50 ----D---- C:\Windows\system32\zh-HK 2010-02-07 01:00:50 ----D---- C:\Windows\system32\uk-UA 2010-02-07 01:00:50 ----D---- C:\Windows\system32\sl-SI 2010-02-07 01:00:50 ----D---- C:\Windows\system32\pt-PT 2010-02-07 01:00:50 ----D---- C:\Windows\system32\pt-BR 2010-02-07 01:00:50 ----D---- C:\Windows\system32\pl-PL 2010-02-07 01:00:50 ----D---- C:\Windows\system32\ko-KR 2010-02-07 01:00:50 ----D---- C:\Windows\system32\it-IT 2010-02-07 01:00:50 ----D---- C:\Windows\system32\hu-HU 2010-02-07 01:00:50 ----D---- C:\Windows\system32\hr-HR 2010-02-07 01:00:50 ----D---- C:\Windows\system32\he-IL 2010-02-07 01:00:50 ----D---- C:\Windows\system32\el-GR 2010-02-07 01:00:50 ----D---- C:\Windows\system32\bg-BG 2010-02-07 01:00:49 ----D---- C:\Windows\system32\zh-TW 2010-02-07 01:00:49 ----D---- C:\Windows\system32\zh-CN 2010-02-07 01:00:49 ----D---- C:\Windows\system32\tr-TR 2010-02-07 01:00:49 ----D---- C:\Windows\system32\th-TH 2010-02-07 01:00:49 ----D---- C:\Windows\system32\sv-SE 2010-02-07 01:00:49 ----D---- C:\Windows\system32\sr-Latn-CS 2010-02-07 01:00:49 ----D---- C:\Windows\system32\sk-SK 2010-02-07 01:00:49 ----D---- C:\Windows\system32\ru-RU 2010-02-07 01:00:49 ----D---- C:\Windows\system32\ro-RO 2010-02-07 01:00:49 ----D---- C:\Windows\system32\nl-NL 2010-02-07 01:00:49 ----D---- C:\Windows\system32\nb-NO 2010-02-07 01:00:49 ----D---- C:\Windows\system32\lv-LV 2010-02-07 01:00:49 ----D---- C:\Windows\system32\lt-LT 2010-02-07 01:00:49 ----D---- C:\Windows\system32\ja-JP 2010-02-07 01:00:49 ----D---- C:\Windows\system32\fr-FR 2010-02-07 01:00:49 ----D---- C:\Windows\system32\fi-FI 2010-02-07 01:00:49 ----D---- C:\Windows\system32\et-EE 2010-02-07 01:00:49 ----D---- C:\Windows\system32\es-ES 2010-02-07 01:00:49 ----D---- C:\Windows\system32\en-US 2010-02-07 01:00:49 ----D---- C:\Windows\system32\da-DK 2010-02-07 01:00:49 ----D---- C:\Windows\system32\cs-CZ 2010-02-07 01:00:49 ----D---- C:\Windows\system32\ar-SA 2010-02-06 20:50:31 ----D---- C:\Windows\SoftwareDistribution 2010-02-06 19:52:37 ----D---- C:\Program Files\Windows Calendar 2010-02-06 19:52:37 ----D---- C:\Program Files\Movie Maker 2010-02-06 19:52:36 ----D---- C:\Program Files\Windows Sidebar 2010-02-06 19:52:35 ----D---- C:\Program Files\Windows Media Player 2010-02-06 19:52:35 ----D---- C:\Program Files\Windows Journal 2010-02-06 19:52:35 ----D---- C:\Program Files\Windows Collaboration 2010-02-06 19:52:35 ----D---- C:\Program Files\Internet Explorer 2010-02-06 19:52:34 ----D---- C:\Program Files\Common Files\System 2010-02-06 19:52:33 ----D---- C:\Program Files\Windows Photo Gallery 2010-02-06 19:52:29 ----D---- C:\Windows\servicing 2010-02-06 19:52:29 ----D---- C:\Windows\ehome 2010-02-06 19:52:29 ----D---- C:\Program Files\Windows Defender 2010-02-06 19:52:18 ----D---- C:\Windows\system32\XPSViewer 2010-02-06 19:52:18 ----D---- C:\Windows\IME 2010-02-06 19:52:16 ----D---- C:\Windows\system32\oobe 2010-02-06 19:52:13 ----D---- C:\Windows\system32\AdvancedInstallers 2010-02-06 19:52:12 ----D---- C:\Windows\system32\SLUI 2010-02-06 19:52:12 ----D---- C:\Windows\system32\setup 2010-02-06 19:52:12 ----D---- C:\Windows\system32\manifeststore 2010-02-06 19:52:08 ----D---- C:\Windows\system32\migwiz 2010-02-06 19:51:41 ----RSD---- C:\Windows\Fonts 2010-02-06 19:51:41 ----D---- C:\Windows\AppPatch 2010-02-06 19:51:35 ----D---- C:\Windows\system32\Boot 2010-02-06 18:34:17 ----D---- C:\Program Files\Electronic Arts 2010-02-06 18:16:29 ----D---- C:\Temp 2010-02-06 16:50:59 ----D---- C:\Program Files\NVIDIA Corporation 2010-02-06 16:50:42 ----D---- C:\Program Files\AGEIA Technologies 2010-02-06 15:32:36 ----D---- C:\Users\Wolfi\AppData\Roaming\Adobe 2010-02-06 15:32:36 ----D---- C:\ProgramData\Adobe 2010-02-02 17:02:05 ----D---- C:\ProgramData\Media Center Programs 2010-02-02 16:38:23 ----A---- C:\Windows\system32\TUProgSt.exe 2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe 2010-02-01 16:20:02 ----D---- C:\Users\Wolfi\AppData\Roaming\Tropico 3 2010-01-31 02:58:07 ----A---- C:\Windows\system32\homepage.txt 2010-01-31 02:50:39 ----D---- C:\Program Files\Common Files\microsoft shared 2010-01-30 13:06:57 ----D---- C:\Users\Wolfi\AppData\Roaming\dvdcss 2010-01-24 00:45:35 ----A---- C:\ctapi_out_gr.txt 2010-01-20 16:26:58 ----D---- C:\Program Files\Rockstar Games ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-01-05 9968] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2010-01-05 74480] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-07-04 281760] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-14 56816] R2 cFosNT;cFosNT; C:\Windows\System32\Drivers\cFosNT.sys [2009-04-22 1206488] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-07-04 25888] R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544] R3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver; \??\C:\PROGRA~1\T-Online\T-ONLI~2\BASIS-~1\Basis1\MTOnlPktAlyX.SYS [2006-10-09 17536] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280] R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-10-16 1168896] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784] R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-01-05 7408] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064] S3 aabziouh;aabziouh; C:\Windows\system32\drivers\aabziouh.sys [] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216] S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys [2008-08-04 1964816] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-12-14 185089] R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2008-08-04 164896] R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 129880] R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 129880] R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-02-25 75064] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-01-11 240232] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-01 1043784] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-21 21504] R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-21 21504] S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-29 31048] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-02-08 79360] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-09-16 316664] S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-02-08 435016] S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 129880] -----------------EOF----------------- |
|
17.02.2010, 16:59
| #14 |
| | Trojaner eingefangen? Browser und Programme spinnen Und nochmal alles im praktischen .zip-Format inkl. aller Datein. |
|
17.02.2010, 19:40
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner eingefangen? Browser und Programme spinnen Die Logs sind für mich wieder okay. Mach aber bitte noch eins mit CF, ich will da etwas sichergehen, da ja recht unbekannte Malware drauf war: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Trojaner eingefangen? Browser und Programme spinnen |
| 32 bit, alle programme, antivir, antivir guard, atapi.sys, avg, avira, bho, black, browser, cdburnerxp, converter, cpu, defender, desktop, firefox, hijack, hijackthis, hkus\s-1-5-18, home, home premium, internet, internet explorer, local\temp, malwarebytes' anti-malware, monitor, mozilla, nvlddmkm.sys, ogg, plug-in, programme spinnen, realtek, rundll, senden, surface, sweetim, system, tables, toolbars, trojaner, trojaner eingefangen, usbport.sys, userinit.exe, vista, win vista, wrapper |
Linear-Darstellung
